Abstract
Traditional researches on network anomaly detection have been solely focused on the detection algorithms, whereas an important issue that has not been well studied so far is the selection of normal training data for network anomaly detection algorithm, which is highly related to the detection performance and computational complexities. In this poster, we present two instance selection mechanism – EFCM (Enhanced Fuzzy C-Means) as well asGA (Genetic Algorithm) for network anomaly detection algorithm, aiming at limiting the size of training dataset, thus reducing the computational cost of them, as well as boosting their detection performance. We report our experimental results on several classic network anomaly detection algorithms by using the network traffic trace collected from a real network environment.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Eskin, E., Arnold, A., Prerau, M., Portnoy, L., Stolfo, S.: A geometric framework for unsupervised anomaly detection: detecting intrusions in unlabeled data. In: Proc. ADMCS 2002, pp. 78–99 (2002)
Li, Y., Fang, B.X., Guo, L., Chen, Y.: Network Anomaly Detection Based on TCM-KNN Algorithm. In: Proc. ACM ASIACCS 2007, pp. 13–19 (2007)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Li, Y., Guo, L., Fang, BX., Liu, XT., Lin-Qi (2009). An Experimental Study on Instance Selection Schemes for Efficient Network Anomaly Detection. In: Kirda, E., Jha, S., Balzarotti, D. (eds) Recent Advances in Intrusion Detection. RAID 2009. Lecture Notes in Computer Science, vol 5758. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-04342-0_18
Download citation
DOI: https://doi.org/10.1007/978-3-642-04342-0_18
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-04341-3
Online ISBN: 978-3-642-04342-0
eBook Packages: Computer ScienceComputer Science (R0)