A deep density based and self-determining clustering approach to label unknown traffic. (November 2022)
- Record Type:
- Journal Article
- Title:
- A deep density based and self-determining clustering approach to label unknown traffic. (November 2022)
- Main Title:
- A deep density based and self-determining clustering approach to label unknown traffic
- Authors:
- Monshizadeh, Mehrnoosh
Khatri, Vikramajeet
Kantola, Raimo
Yan, Zheng
- Abstract:
- Analyzing non-labeled data is a major concern in the field of intrusion detection as the attack clusters are continuously evolving which are unknown for the system. Many studies have been conducted on different techniques such as clustering to solve this issue. Consequently, in this paper the clustering techniques are applied based on the packets' similarity to categorize unknown traffic. After clustering is done by the proposed architecture, the security investigator analyzes one packet from each cluster (instead of thousands of packets) and generalizes the result of analysis to all packets belonging to the cluster. The proposed architecture, namely Associated Density Based Clustering (ADBC), applies multiple unsupervised algorithms and a co-association matrix to detect attack clusters of any shape as long as they have density-connected elements. Furthermore, the architecture automatically determines the best number of clusters in order to categorize non-labeled data. The performance of the proposed architecture is evaluated based on the various metrics, while its generalization capability is tested with three publicly available datasets.
Highlights: Categorizing unknown packet into distinct cluster. Introducing a new metric to improve clustering performance. Analyzing few packets from each cluster and generalizing analysis to entire cluster. Detecting malicious packet based on created clusters.
- Is Part Of:
- Journal of network and computer applications. Volume 207(2022)
- Journal:
- Journal of network and computer applications
- Issue:
- Volume 207(2022)
- Issue Display:
- Volume 207, Issue 2022 (2022)
- Year:
- 2022
- Volume:
- 207
- Issue:
- 2022
- Issue Sort Value:
- 2022-0207-2022-0000
- Page Start:
- Page End:
- Publication Date:
- 2022-11
- Subjects:
- Intrusion detection -- Data mining -- Machine Learning -- Network security -- Network traffic
Microcomputers -- Periodicals
Computer networks -- Periodicals
Application software -- Periodicals
Micro-ordinateurs -- Périodiques
Réseaux d'ordinateurs -- Périodiques
Logiciels d'application -- Périodiques
Application software
Computer networks
Microcomputers
Periodicals
004.05
004
- Journal URLs:
- http://www.sciencedirect.com/science/journal/10848045
http://www.elsevier.com/journals
- DOI:
- 10.1016/j.jnca.2022.103513
- Languages:
- English
- ISSNs:
- 1084-8045
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms)
- Physical Locations:
- British Library DSC - 5021.410600
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store
- Ingest File:
- 23980.xml