Multiobjective Evolutionary Clustering Approach to Security Vulnerability Assesments

  • Conference paper
Hybrid Artificial Intelligence Systems (HAIS 2009)

Part of the book series: Lecture Notes in Computer Science (LNAI, volume 5572)

Abstract

Network vulnerability assessments collect large amounts of data to be further analyzed by security experts. Data mining and, particularly, unsupervised learning can help experts analyze these data and extract several conclusions. This paper presents a contribution to mine data in this security domain. We have implemented an evolutionary multiobjective approach to cluster data of security assessments. Clusters hold groups of tested devices with similar vulnerabilities to detect hidden patterns. Two different metrics have been selected as objectives to guide the discovery process. The results of this contribution are compared with other single-objective clustering approaches to confirm the value of the obtained clustering structures.

Copyright information

© 2009 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Corral, G., Garcia-Piquer, A., Orriols-Puig, A., Fornells, A., Golobardes, E. (2009). Multiobjective Evolutionary Clustering Approach to Security Vulnerability Assesments. In: Corchado, E., Wu, X., Oja, E., Herrero, Á., Baruque, B. (eds) Hybrid Artificial Intelligence Systems. HAIS 2009. Lecture Notes in Computer Science, vol 5572. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-02319-4_72

  • DOI: https://doi.org/10.1007/978-3-642-02319-4_72

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-02318-7

  • Online ISBN: 978-3-642-02319-4

  • eBook Packages: Computer Science (R0)
