Research Article

Machine Learning Techniques for Anomaly Detection: An Overview

by Salima Omar, Asri Ngadi, Hamid H. Jebur
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 79 - Number 2
Year of Publication: 2013
Authors: Salima Omar, Asri Ngadi, Hamid H. Jebur
DOI: 10.5120/13715-1478

Salima Omar, Asri Ngadi, Hamid H. Jebur. Machine Learning Techniques for Anomaly Detection: An Overview. International Journal of Computer Applications. 79, 2 (October 2013), 33-41. DOI=10.5120/13715-1478

@article{ 10.5120/13715-1478,
author = { Salima Omar and Asri Ngadi and Hamid H. Jebur },
title = { Machine Learning Techniques for Anomaly Detection: An Overview },
journal = { International Journal of Computer Applications },
issue_date = { October 2013 },
volume = { 79 },
number = { 2 },
month = { October },
year = { 2013 },
issn = { 0975-8887 },
pages = { 33-41 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume79/number2/13715-1478/ },
doi = { 10.5120/13715-1478 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T21:51:59.898347+05:30
%A Salima Omar
%A Asri Ngadi
%A Hamid H. Jebur
%T Machine Learning Techniques for Anomaly Detection: An Overview
%J International Journal of Computer Applications
%@ 0975-8887
%V 79
%N 2
%P 33-41
%D 2013
%I Foundation of Computer Science (FCS), NY, USA
Abstract

Intrusion detection has gained broad attention and become a fertile field of research, and it remains a subject of widespread interest among researchers. The intrusion detection community still confronts difficult problems even after many years of research. Reducing the large number of false alerts during the process of detecting unknown attack patterns remains an unresolved problem. However, several recent research results have shown that there are potential solutions to this problem. Anomaly detection is a key issue of intrusion detection, in which perturbations of normal behavior indicate the presence of intended or unintended induced attacks, faults, defects and others. This paper presents an overview of research directions for applying supervised and unsupervised methods to the problem of anomaly detection. The references cited cover the major theoretical issues, guiding the researcher toward interesting research directions.

References
  1. Amini and Jalili. 2004. Network-based intrusion detection using unsupervised adaptive resonance theory. in Proceedings of the 4th Conference on Engineering of Intelligent Systems (EIS'04).
  2. Animesh, P. and Jung,M. 2007. "Network Anomaly Detection with Incomplete Audit Data". Elsevier Science,12 February, 2007, pp. 5-35.
  3. Bezdek, J. 1981. " Pattern recognition with fuzzy objective function algorithms". Kluwer Academic Publishers, Norwell, MA, USA (1981).
  4. Bishop, C. 1995. Neural networks for pattern recognition. England, Oxford University.
  5. Bouzida, F., Cuppens, B. and Gombault, S. 2004. Efficient intrusion detection using principal component analysis. In Proceedings of the 3ème Conférence sur la Sécurité et Architectures Réseaux (SAR).
  6. Chan, F., Yeung, S. and Tsang, S. 2005. Comparison of different fusion approaches for network intrusion detection using an ensemble of RBFNN. In: Proceedings of 2005 International Conference on Machine Learning and Cybernetics.
  7. Guobing,Z. ,Cuixia,Z. and Shanshan,s. 2009. A Mixed Unsupervised Clustering-based Intrusion Detection Model. Third International Conference on Genetic and Evolutionary Computing.
  8. Dempster,A. , Laird, N. and Rubin, D. 1977. " Maximum likelihood from incomplete Data via the EM algorithm". J. Royal Stat, Soc, Vol. 39, 1977, pp. 1–38.
  9. Dunn, J. 1973. "A fuzzy relative of the ISO data process and its use in detecting compact well-separated clusters". Journal of Cybernetics, Vol. 3(3), pp. 32–57.
  10. Elizabeth, L., Olfa, N. and Jonatan, G. 2007. Anomaly detection based on unsupervised niche clustering with application to network intrusion detection. Proceedings of the IEEE Conference on Evolutionary Computation.
  11. Eskin,E. ,Arnold,A . ,Preraua,M. , Portnoy. L and Stolfo,S. " A geometric framework for unsupervised anomaly detection: Detecting intrusions in unlabeled data". In D. Barber and S. Jajodia (Eds. ). Data Mining for Security Applications. Boston: Kluwer Academic Publishers.
  12. Estevez,J. ,Garcya,P. and Dyaz, J. 2004. "Anomaly detection methods in wired networks: a survey and taxonomy". Computer Networks. Vol . 27, No. 16, 2004, pp. 1569–84.
  13. García, T. Díaz, V. Macia, F. and Vazquezb. 2009. "Anomaly-based network intrusion detection". Computers and security, Vol. 28, 2009, pp. 18–28.
  14. Gilles, C. , Melanie, H. and Christian,P. 2004. " One-class support vector machines with a conformal kernel". A case study in handling class imbalance . In Structural Syntactic and Statistical Pattern Recognition, 2004, pp. 850–858.
  15. Hajji ,H. " Statistical Analysis of Network Traffic for Adaptive Faults Detection". 2005. IEEE Trans. Neural Networks, Vol. 16, NO5, 2005, PP. 1053-1063.
  16. Han, J. and Kamber, M. 2001. "Data mining: Concept and Techniques". (1st Ed.), Morgan Kaufman publishers.
  17. Heckerman 1995. " A tutorial on Learning with Bayesian Networks". Technical report. Microsoft research, MSRTR, Vol 6
  18. Hofmann,A. , Schmitz,C. and Sick, B. 2003. Rule extraction from neural networks for intrusion detection in computer networks. in IEEE International Conference on Systems, Man and Cybernetics.
  19. Honig, A. 2002" Adaptive model generation: An architecture for the deployment of data mining based intrusion detection systems". In D. Barbar and S. Jajodia, (Eds. ), Data Mining for Security Applications. Boston: Kluwer Academic Publishers May 2002.
  20. Jain, A. , Murty, M. and Flynn, P. 1999. " Data clustering: A review". ACM Computing Surveys, Vol. 31, NO3, pp. 264–323.
  21. Jiang,J. ,Zhang,C. and Kame,M. 2003. RBF-based real- Time hierarchical intrusion detection systems. In Proceedings of the International Joint Conference on Neural Networks (IJCNN'03).
  22. Johansen, K. and Lee. "CS424 network security: Bayesian Network Intrusion Detection (BINDS)": http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.83.8479
  23. Joong, L. , Jong,H. , Seon,G. and Tai,M . 2008. " Effective Value of Decision Tree with KDD99 Intrusion Detection Datasets for Intrusion Detection System". ICACT, pp. 17-20.
  24. Jun, Z. , Ming, H. , Hong, Z . 2004. A new Method of Data Preprocessing and Anomaly Detection. Pro. of Third Inter. Conf on Machine Learning and cybernetics.
  25. Jun, W. , Xu,H. ,Rong, R. and Tai-hang ,L. 2009. A Real Time Intrusion Detection System Based on PSO-SVM. Proceedings of the International Workshop on Information Security and Application (IWISA).
  26. Kohonen, 1995. " Self-Organizing Map". Springer, Berlin,
  27. Kumar, G. Kumar, K. and Sachdeva, M. 2010. The use of artificial intelligence based techniques for intrusion detection: a review.
  28. Kayacik, G. , Zincir, H. and Heywood, M. 2003. On the Capability of an SOM Based Intrusion Detection System. Proc IEEE, IJCNN.
  29. Liao,Y. , Vemuri,R. and Pasos,A. 2007. " Adaptive anomaly detection with evolving connectionist Systems". Journal of Network and Computer Applications, Vol. 30, NO1, PP. 60–80.
  30. LI,H 2010. Research and Implementation of an Anomaly Detection Model Based on Clustering Analysis. International Symposium on Intelligent Information Processing and Trusted Computing.
  31. Liu,Z. , Florez, C. and Bridges, S. 2002. A comparison of input representations in neural networks: a case study in intrusion detection. In Proceedings of the International Joint Conference on Neural Networks (IJCNN'02).
  32. Manocha, S. and Girolami, M. 2007. " An empirical analysis of the probabilistic K-nearest Neighbor Classifier". Pattern Recognition Letters, Vol. 28, pp. 1818–1824.
  33. Ming, Y. 2011. " Real Time Anomaly Detection Systems for Denial of Service Attacks by Weighted k-Nearest- Neighbor Classifiers". Expert Systems with Applications, Vol. 38, 2011, pp. 3492-3498.
  34. Mohammed,. S. , Marwa, S. , Mohammed, Imane, S. 2007. Artificial Neural Networks Architecture for Intrusion Detection Systems and Classification of Attacks, Cairo University, Egypt.
  35. Moore, D. 2005. Internet Traffic Classification Using Bayesian Analysis Techniques. in Proceedings of ACM SIGMETRICS.
  36. Moradi and Zulkernine. 2004. A Neural Network Based System for Intrusion Detection and Classification of Attacks. IEEE International Conference on Advances in Intelligent Systems-Theory and Applications, Luxembourg: Kirchberg.
  37. Mukkamala,S. ,Sung, A. and Ribeiro, B. 2005. Model Selection for Kernel Based Intrusion Detection Systems. Proceedings of International Conference on Adaptive and Natural Computing Algorithm.
  38. Nasraoui, O. , Leon, E. & Krishnapuram, R. 2005. Unsupervised Niche Clustering: Discovering an Unknown Number of Clusters in Noisy Data Sets. In: GHOSH, A. & JAIN, L. (eds. ) Evolutionary Computation in Data Mining. Springer Berlin Heidelberg.
  39. Oh and Chae. 2008. Real Time Intrusion Detection System Based on Self-Organized Maps and Feature Correlations. The Proceedings of the Third International Conference on Convergence and Hybrid Information.
  40. Paulo, M. , Vinicius , M. and Joni. 2010. Octopus-IIDS: An Anomaly Based Intelligent Intrusion Detection System. Proceedings of Computers and Communications (ISCC).
  41. Peddabachigari, S. , Abraham, A. , Grosan, C. and Thomas, J. 2007. " Modeling Intrusion Detection System using Hybrid Intelligent Systems". J. Netw. Comput. Appl, Vol. 30, NO1, PP. 114-132.
  42. Gilles, C., Melanie, H. and Christian, P. 2004. One-Class Support vector Machines with a Conformal kernel: A case study in handling class Imbalance. In: Structural Syntactic and Statistical Pattern Recognition.
  43. Quinlan, J. 1993. "C4.5: programs for machine learning". Los Altos, CA, Morgan Kaufmann.
  44. Rapaka,A. , Novokhodko,A. and Wunsch,D. 2003 Intrusion detection using radial basis function network on sequence of system calls. In Proceedings of the International Joint Conference on Neural Networks (IJCNN'03).
  45. Rawat,S. 2005. Efficient Data Mining Algorithms for Intrusion Detection. in Proceedings of the 4th Conference on Engineering of Intelligent Systems (EIS'04).
  46. Rui, Z. , Shaoyan, Z. , Yang, L. and Jianmin ,J. 2008. Network Anomaly Detection Using One Class Support Vector Machine. Proceedings of the International Multi Conference of Engineers and Computer Scientists.
  47. Rumelhart, D. Hinton, G. and Williams, R. 1986. " Learning internal representations by error propagation" . In: Rumelhart, D. , McClelland J L et al. (Eds. ) Parallel Distributed Processing: Explorations in the Microstructure of Cognition. MIT Press, Cambridge, MA,Vol. 1, pp. 318-362.
  48. Sahar, S. , Hashem, M. and Taymoor, M. 2010. " Intrusion Detection using Multi-Stage". Neural Network. International Journal of Computer Science and Information Security, Vol. 8, NO 4, PP. 14-20.
  49. Santanu, D. , Ashok, S. and Aditi, C. 2007. Classification of Damage Signatures in Composite Plates using One- Class SVM's. In Proceedings of the IEEE Aerospace Conference, Big Sky. MO.
  50. Shah,H. , Undercoffer,J. and Joshi, A. 2003. Fuzzy Clustering for Intrusion Detection. the 12th IEEE International Conference on Fuzzy Systems.
  51. Shailendra and Sanjay. 2009. " An ensemble approach for feature selection of Cyber Attack Dataset", International Journal of Computer Science and Information Security P12-(IJCSIS), Vol. 6, NO 2.
  52. Shingo, M. , Ci, C. Nannan, L. Kaoru, S. and Kotaro, H. " An Intrusion Detection Model Based on Fuzzy Class Association Rule Mining Using Genetic Network Programming". IEEE Transactions on Systems, Part C. Vol. 41, pp. 130-139.
  53. Shon and Moon. 2007. " A hybrid Machine Learning Approach to Network Anomaly Detection". Inf. SCI, Vol. 177, NO 18, PP. 3799-3821.
  54. Srinivas, M. 2002. Intrusion Detection using Neural Networks and Support vector Machine. Proceedings of the IEEE International HI.
  55. Theodoridis, S. and Koutroumbas. 2006. " Pattern recognition (3rd Ed. )". USA: Academic Press.
  56. Vapnik, V. " Statistical learning theory". Wiley, New York, 1998.
  57. Yao,Y. , Wei, Y. GAO, F. and Yu,G. 2006. Anomaly Intrusion Detection Approach Using Hybrid MLP/CNN Neural Network. Proceedings of the Sixth International Conference on Intelligent Systems Design and Applications.
  58. Yu, Z. and Jian, F. 2009 Intrusion Detection Model Based on Hierarchical Fuzzy Inference System. Second International Conference on Information and Computing Science Icic.
  59. Peng, N. and Sushil, J. 2003. "Intrusion Detection Techniques". In H. Bidgoli (Ed.), the Internet Encyclopedia. John Wiley & Sons.
  60. Ghorbani, Wei and Tavallaee. 2010. " Theoretical Foundation of Detection Network Intrusion Detection and Prevention". Concepts and Techniques Advances in Information Security. Springer Science, Vol. 47, pp. 47- 114.
Index Terms

Computer Science
Information Sciences

Keywords

Supervised Machine Learning, Unsupervised Machine Learning, Network Intrusion Detection