A new system to evaluate GA-based clustering algorithms in intrusion detection alert management system

Proceedings - 2010 2nd World Congress on Nature and Biologically Inspired Computing, NaBIC 2010

Volumn , Issue , 2010, Pages 115-120

  Bahrbegi, Hadi ^a   Navin, Ahmad Habibizad ^b   Ahrabi, Amir Azimi Alasti ^a   Mirnia, Mir Kamal ^b   Mollanejad, Amir ^c  

^a IAU of Shabestar   (Iran)

^b UNIVERSITY OF TABRIZ   (Iran)

^c IAU of Jolfa   (Iran)

Author keywords

Alert classification; Alert clustering; False positive alert reduction; Genetic algorithm; IDS

Indexed keywords

ALERT CLASSIFICATION; ALERT CLUSTERING; ALERT FILTERING; ALERT MANAGEMENT SYSTEMS; ALERT REDUCTION; CLASSIFICATION SYSTEM; FALSE POSITIVE; FALSE POSITIVE ALERT REDUCTION; IDS; INTRUSION DETECTION SYSTEMS; KDD CUP 98; NETWORK CONNECTIVITY; NEW SYSTEM; TRUE POSITIVE;

GENETIC ALGORITHMS; INTRUSION DETECTION;

CLUSTERING ALGORITHMS;

EID: 79952762919     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/NABIC.2010.5716289     Document Type: Conference Paper

References (38)

1. H. Debar, M. Dacier, and A. Wespi. Towards a taxonomy of intrusion-detection systems. COMPUT. NETWORKS, 31(8):805-822, 1999. 60 Conclusion And Future Work 61.
2. K. Julisch, "Clustering intrusion detection alarms to support root cause analysis", ACM Transactions on Information ad System Security (TISSEC), 2003, Volume 6, Issue 4, Pages: 443-471.
3. Julisch, K.: Mining alarm clusters to improve alarm handling efficiency. In: Proceeding of the 17th Annual Computer Security Applications Conference,New Orleans,pp. 12-21 (2001).
4. F. Cuppens. Managing alerts in a multi-intrusion detection environment. Proceedings of the 17th Annual Computer Security Applications Conference,32, 2001.
5. E. MIRADOR, "Mirador: a cooperative approach of IDS", European Symposium on Research in Computer Security (ESORICS). Toulouse, France,2000.
6. Wang, J., Wang, H., Zhao, G. 2006. A GA-based Solution to an NP-hard Problem of Clustering Security Events. IEEE 2093-2097.
7. Jianxin Wang, Baojiang Cui, "Clustering IDS Alarms with an IGA-based Approach",ICCCAS 2009,pp586-591.
8. QIAO Pei-li, CHEN Shi-feng, SU jie, "The Research of NIDS Based on Improved GA",Wireless Communications, Networking ad Mobile Computing,2009.Page(s): 1-4.
9. Owais, S.; Snasel, V.; Kromer, P.; Abraham, A, "Survey: Using Genetic Algorithm Approach in Intrusion Detection Systems Techniques", Computer Information Systems ad Industrial Maagement Applications,2008,Page(s): 300-307.
10. Chien-Chuan Lin, Ming-Shi Wang, "Genetic-clustering algorithm for intrusion detection system", International Journal of Information and Computer Security, Volume 2, Number 2 / 2008, Pages:218-234. (Pubitemid 351802741)
11. S Terry Brugger and Jedidiah Chow," An Assessment of the DARPA IDS Evaluation Dataset Using Snort", UC Davis Technical Report CSE-2007-1, Davis, CA, 6 January 2007.
12. Snort: The open source network intrusion detection system. Available: http://www.snort.org/.
13. MIT Lincoln Lab. (1998). DARPA 1998 Intrusion Detection Evaluation Datasets. Available: http://www.ll.mit.edulmission/communications/ist/ corporaiideval/data/1998data.html
14. Snort Manual, www.snort.org/assets/82/snort-manual.pdf
15. Rui Xu ad Donald C. Wunsch II, "Survey of clustering algorithms/' IEEE Transactions on Neural Networks, vol. 16, no. 3, pp. 645-678, 2005. (Pubitemid 40718010)
16. D. E. Goldberg, "Genetic Algorithms in Search, Optimization and Machine Learning", Addison-Wesley, New York, 1989.
17. R. Krovi, "Genetic algorithm for clustering: A preliminary investigation", Proc. 25th Hawaii Internat. Conf. on Systems Sciences (1992), pp. 540-544. (Pubitemid 23571415)
18. Ujjwal Maulik, Sanghamitra Bandyopadhyay, "Genetic algorithm-based clustering technique", Elsevier, The Journal of the Pattern Recognition Society,2000,pages 1455-1465.
19. Krishna K,Murty M: Genetic K-means algorithm. IEEE Transactions on Systems, Man ad Cybernetics - Part B: Cybernetics 1999, 29:433-439.
20. Liu Fuyan, Chen Chouyong And Lv Shaoyi, "An Improved Genetic Approach", 2005 International Conference on Neural Networks and Brain- page 641-644.
21. Yi Lu, Shiyong Lu, Farshad Fotouhi, Youping Deng, Susan J. Brown, "FGKA: a Fast Genetic K-means Clustering Algorithm", SAC 2004, pages: 622-623.
22. Alessandro G. Di Nuovo, Vincenzo Catania, Maurizio Palesi "The hybrid genetic fuzzy C-means: a reasoned implementation", Proceedings of the 7th WSEAS International Conference on Fuzzy Systems,ACM,2006,pages 33-38.
23. N. R. Pal, K. Pal ad J. C. Bezdek, "A mixed c-means clustering model,' Proceedings of the Sixth IEEE International Conference on Fuzzy Systems, Vol. 1,pp. 11-21, Jul. 1997.
24. R. Krishnapuram ad J. M. Keller, "A possibilistic approach to clustering,' IEEE Transactions on Fuzzy Systems, Vol. I, No. 2, pp. 98-110, May 1993.
25. Nasraoui, krishnapuram R. (1995), "crisp Interpretations of fuzzy and possibilistic c-meas algorithm: insights ad recommendations",IEEE Trans. Fuzzy Systems,4(3),385-393.
26. J. Gitma ad M. D. Levine, "An algorithm for detecting unimodal fuzzy sets and its application as a clustering technique', IEEE Tans. Comput., 1970.
27. N.R.Pal, K.Pal, J.M.Keller ad J.C.Bezdek. "A Fuzzy Possibilistic c-Means Clustering Algorithm", IEEE Transactions on Fuzzy Systems, volume 13, NO.4, pages 517-530,2005. (Pubitemid 41461446)
28. R. Nagendra, P. Arockia Jansi Rai, "A Novel FPCM Based Vector Quatizer Codebook Design for Image Compression in the Wavelet Packet Domain", International journal of Multimedia & Its Applications(IJMA), Vol. 2, No. I, Feb, 2010, pages: 1-8.
29. Matlab Software, http://www.mathworks.com.
30. Aldenderfer, Blashfield, Cluster Analysis, Sage Publications, 1984, page 7
31. Saha, Mukhopadhyay, "Genetic Algorithm ad Simulated Annealing based Approaches to Categorical Data Clustering", Proceedings of the International MultiConference of Engineers and Computer Scientists 2008 Vol 1,pp: 534-539.
32. L. Davis (Ed.), "Hadbook of Genetic Algorithms", Va Nostrad Reinhold,New York, 1991.
33. Z. Michalewicz, "Genetic Algorithms + Data Structures = Evolution Programs", Springer, New York, 1992.
34. J.L.R. Filho, P.C. Treleaven, C. Alippi, "Genetic algorithm programming environments"
35. IEEE Computer Society Press, vol. 27, issue 6,1994, pp: 28-43.
36. Hathaway, R.J., Bezdek, J.C., ad W.T. Tucker, "An Improved Convergence Theory for the Fuzzy Isodata Clustering Algorithms", The Analysis of Fuzzy Information, ed. J. C. Bezdek, Vol 3, CRC Press, Boca Raton, pp. 123-131,1987.
37. Hartiga, J. A, "Clustering Algorithms", Wiley, 1975, ISBN 0-471-35645-X.
38. J. C. Dunn, "A Fuzzy Relative of the ISODATA Process and Its Use in Detecting Compact Well-Separated Clusters", Journal of Cybernetics Vol 3, pp: 32-57,1973.