Relevant bibliographies by topics / Unsupervised intrusion detection / Journal articles
To see the other types of publications on this topic, follow the link: Unsupervised intrusion detection.

Journal articles on the topic 'Unsupervised intrusion detection'

Author: Grafiati
Published: 2 July 2021
Last updated: 3 February 2022

Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles

Select a source type:

Consult the top 50 journal articles for your research on the topic 'Unsupervised intrusion detection.'

Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.

You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.

Browse journal articles on a wide variety of disciplines and organise your bibliography correctly.

1

ZHONG, SHI, TAGHI M. KHOSHGOFTAAR, and NAEEM SELIYA. "CLUSTERING-BASED NETWORK INTRUSION DETECTION." International Journal of Reliability, Quality and Safety Engineering 14, no. 02 (April 2007): 169–87. http://dx.doi.org/10.1142/s0218539307002568.

Full text
Abstract:
Recently data mining methods have gained importance in addressing network security issues, including network intrusion detection — a challenging task in network security. Intrusion detection systems aim to identify attacks with a high detection rate and a low false alarm rate. Classification-based data mining models for intrusion detection are often ineffective in dealing with dynamic changes in intrusion patterns and characteristics. Consequently, unsupervised learning methods have been given a closer look for network intrusion detection. We investigate multiple centroid-based unsupervised clustering algorithms for intrusion detection, and propose a simple yet effective self-labeling heuristic for detecting attack and normal clusters of network traffic audit data. The clustering algorithms investigated include, k-means, Mixture-Of-Spherical Gaussians, Self-Organizing Map, and Neural-Gas. The network traffic datasets provided by the DARPA 1998 offline intrusion detection project are used in our empirical investigation, which demonstrates the feasibility and promise of unsupervised learning methods for network intrusion detection. In addition, a comparative analysis shows the advantage of clustering-based methods over supervised classification techniques in identifying new or unseen attack types.
APA, Harvard, Vancouver, ISO, and other styles
2

Hajamydeen, Asif Iqbal, and Nur Izura Udzir. "A Detailed Description on Unsupervised Heterogeneous Anomaly Based Intrusion Detection Framework." Scalable Computing: Practice and Experience 20, no. 1 (March 9, 2019): 113–60. http://dx.doi.org/10.12694/scpe.v20i1.1465.

Full text
Abstract:
Observing network traffic flow for anomalies is a common method in Intrusion Detection. More effort has been taken in utilizing the data mining and machine learning algorithms to construct anomaly based intrusion detection systems, but the dependency on the learned models that were built based on earlier network behaviour still exists, which restricts those methods in detecting new or unknown intrusions. Consequently, this investigation proposes a structure to identify an extensive variety of abnormalities by analysing heterogeneous logs, without utilizing either a prepared model of system transactions or the attributes of anomalies. To accomplish this, a current segment (clustering) has been used and a few new parts (filtering, aggregating and feature analysis) have been presented. Several logs from multiple sources are used as input and this data are processed by all the modules of the framework. As each segment is instrumented for a particular undertaking towards a definitive objective, the commitment of each segment towards abnormality recognition is estimated with various execution measurements. Ultimately, the framework is able to detect a broad range of intrusions exist in the logs without using either the attack knowledge or the traffic behavioural models. The result achieved shows the direction or pathway to design anomaly detectors that can utilize raw traffic logs collected from heterogeneous sources on the network monitored and correlate the events across the logs to detect intrusions.
APA, Harvard, Vancouver, ISO, and other styles
3

Zoppi, Tommaso, Mohamad Gharib, Muhammad Atif, and Andrea Bondavalli. "Meta-Learning to Improve Unsupervised Intrusion Detection in Cyber-Physical Systems." ACM Transactions on Cyber-Physical Systems 5, no. 4 (October 31, 2021): 1–27. http://dx.doi.org/10.1145/3467470.

Full text
Abstract:
Artificial Intelligence (AI)- based classifiers rely on Machine Learning (ML) algorithms to provide functionalities that system architects are often willing to integrate into critical Cyber-Physical Systems (CPSs) . However, such algorithms may misclassify observations, with potential detrimental effects on the system itself or on the health of people and of the environment. In addition, CPSs may be subject to threats that were not previously known, motivating the need for building Intrusion Detectors (IDs) that can effectively deal with zero-day attacks. Different studies were directed to compare misclassifications of various algorithms to identify the most suitable one for a given system. Unfortunately, even the most suitable algorithm may still show an unsatisfactory number of misclassifications when system requirements are strict. A possible solution may rely on the adoption of meta-learners, which build ensembles of base-learners to reduce misclassifications and that are widely used for supervised learning. Meta-learners have the potential to reduce misclassifications with respect to non-meta learners: however, misleading base-learners may let the meta-learner leaning towards misclassifications and therefore their behavior needs to be carefully assessed through empirical evaluation. To such extent, in this paper we investigate, expand, empirically evaluate, and discuss meta-learning approaches that rely on ensembles of unsupervised algorithms to detect (zero-day) intrusions in CPSs. Our experimental comparison is conducted by means of public datasets belonging to network intrusion detection and biometric authentication systems, which are common IDSs for CPSs. Overall, we selected 21 datasets, 15 unsupervised algorithms and 9 different meta-learning approaches. Results allow discussing the applicability and suitability of meta-learning for unsupervised anomaly detection, comparing metric scores achieved by base algorithms and meta-learners. Analyses and discussion end up showing how the adoption of meta-learners significantly reduces misclassifications when detecting (zero-day) intrusions in CPSs.
APA, Harvard, Vancouver, ISO, and other styles
4

Meira, Jorge. "Comparative Results with Unsupervised Techniques in Cyber Attack Novelty Detection." Proceedings 2, no. 18 (September 17, 2018): 1191. http://dx.doi.org/10.3390/proceedings2181191.

Full text
Abstract:
Intrusion detection is a major necessity in current times. Computer systems are constantly being victims of malicious attacks. These attacks keep on exploring new technics that are undetected by current Intrusion Detection Systems (IDS), because most IDS focus on detecting signatures of previously known attacks. This work explores some unsupervised learning algorithms that have the potential of identifying previously unknown attacks, by performing outlier detection. The algorithms explored are one class based: the Autoencoder Neural Network, K-Means, Nearest Neighbor and Isolation Forest. There algorithms were used to analyze two publicly available datasets, the NSL-KDD and ISCX, and compare the results obtained from each algorithm to perceive their performance in novelty detection.
APA, Harvard, Vancouver, ISO, and other styles
5

Casas, Pedro, Johan Mazel, and Philippe Owezarski. "Unsupervised Network Intrusion Detection Systems: Detecting the Unknown without Knowledge." Computer Communications 35, no. 7 (April 2012): 772–83. http://dx.doi.org/10.1016/j.comcom.2012.01.016.

Full text
APA, Harvard, Vancouver, ISO, and other styles
6

Zhao, Yi Lin, and Qing Lei Zhou. "Intrusion Detection Method Based on LEGClust Algorithm." Applied Mechanics and Materials 263-266 (December 2012): 3025–33. http://dx.doi.org/10.4028/www.scientific.net/amm.263-266.3025.

Full text
Abstract:
Clustering analysis is a typical unsupervised learning technology in data mining, which can improve the efficiency of intrusion detection system. LEGClust cluster algorithm is a new clustering analysis technique and it can effectively find the arbitrary shape clusters hidden in the data. We apply this algorithm to the intrusion detection field and present an intrusion detection method. We introduce the real dissimilarity among data into the determination of data connection relationship. Experiment results on KDD CUP1999 Dataset show that LEGClust algorithm is an effective technique for intrusion detection and the improved LEGClust performs even better.
APA, Harvard, Vancouver, ISO, and other styles
7

Almalawi, Abdulmohsen, Adil Fahad, Zahir Tari, Asif Irshad Khan, Nouf Alzahrani, Sheikh Tahir Bakhsh, Madini O. Alassafi, Abdulrahman Alshdadi, and Sana Qaiyum. "Add-On Anomaly Threshold Technique for Improving Unsupervised Intrusion Detection on SCADA Data." Electronics 9, no. 6 (June 18, 2020): 1017. http://dx.doi.org/10.3390/electronics9061017.

Full text
Abstract:
Supervisory control and data acquisition (SCADA) systems monitor and supervise our daily infrastructure systems and industrial processes. Hence, the security of the information systems of critical infrastructures cannot be overstated. The effectiveness of unsupervised anomaly detection approaches is sensitive to parameter choices, especially when the boundaries between normal and abnormal behaviours are not clearly distinguishable. Therefore, the current approach in detecting anomaly for SCADA is based on the assumptions by which anomalies are defined; these assumptions are controlled by a parameter choice. This paper proposes an add-on anomaly threshold technique to identify the observations whose anomaly scores are extreme and significantly deviate from others, and then such observations are assumed to be ”abnormal”. The observations whose anomaly scores are significantly distant from ”abnormal” ones will be assumed as ”normal”. Then, the ensemble-based supervised learning is proposed to find a global and efficient anomaly threshold using the information of both ”normal”/”abnormal” behaviours. The proposed technique can be used for any unsupervised anomaly detection approach to mitigate the sensitivity of such parameters and improve the performance of the SCADA unsupervised anomaly detection approaches. Experimental results confirm that the proposed technique achieved a significant improvement compared to the state-of-the-art of two unsupervised anomaly detection algorithms.
APA, Harvard, Vancouver, ISO, and other styles
8

Li, Longlong, Qin Chen, Shuiming Chi, and Xiaohang Liu. "Unsupervised Intrusion Detection based on FCM and Vote Mechanism." Information Technology Journal 13, no. 1 (December 15, 2013): 133–39. http://dx.doi.org/10.3923/itj.2014.133.139.

Full text
APA, Harvard, Vancouver, ISO, and other styles
9

Iraqi, Omar, and Hanan El Bakkali. "Application-Level Unsupervised Outlier-Based Intrusion Detection and Prevention." Security and Communication Networks 2019 (July 28, 2019): 1–13. http://dx.doi.org/10.1155/2019/8368473.

Full text
Abstract:
As cyber threats are permanently jeopardizing individuals privacy and organizations’ security, there have been several efforts to empower software applications with built-in immunity. In this paper, we present our approach to immune applications through application-level, unsupervised, outlier-based intrusion detection and prevention. Our framework allows tracking application domain objects all along the processing lifecycle. It also leverages the application business context and learns from production data, without creating any training burden on the application owner. Moreover, as our framework uses runtime application instrumentation, it incurs no additional cost on the application provider. We build a fine-grained and rich-feature application behavioral model that gets down to the method level and its invocation context. We define features to be independent from the variable structure of method invocation parameters and returned values, while preserving security-relevant information. We implemented our framework in a Java environment and evaluated it on a widely-used, enterprise-grade, and open-source ERP. We tested several unsupervised outlier detection algorithms and distance functions. Our framework achieved the best results in terms of effectiveness using the Local Outlier Factor algorithm and the Clark distance, while the average instrumentation overhead per intercepted call remains acceptable.
APA, Harvard, Vancouver, ISO, and other styles
10

Min, Luo, Zhang Huan-guo, and Wang Li-na. "Research and implementation of unsupervised clustering-based intrusion detection." Wuhan University Journal of Natural Sciences 8, no. 3 (September 2003): 803–7. http://dx.doi.org/10.1007/bf02900819.

Full text
APA, Harvard, Vancouver, ISO, and other styles
11

Silaban, Andreas Jonathan, Satria Mandala, and Erwid Jadied Mustofa. "Wrapper-Based Feature Selection Analysis For Semi-Supervised Anomaly Based Intrusion Detection System." International Journal on Information and Communication Technology (IJoICT) 5, no. 2 (June 10, 2020): 32. http://dx.doi.org/10.21108/ijoict.2019.52.209.

Full text
Abstract:
<p>Intrusion Detection System (IDS) plays as a role in detecting various types of attacks on computer networks. IDS identifies attacks based on a classification data network. The result of accuracy was weak in past research. To solve this problem, this research proposes using a wrapper feature selection method to improve accuracy detection. Wrapper-Feature selection works in the preprocessing stage to eliminate features. Then it will be clustering using a semi-supervised method. The semi-supervised method divided into two steps. There are supervised random forest and unsupervised using Kmeans. The results of each supervised and unsupervised will be ensembling using linear and logistic regression. The combination of wrapper and semi-supervised will get the maximum result.</p>
APA, Harvard, Vancouver, ISO, and other styles
12

Cai, Long-zheng, Jian Chen, Yun Ke, Tao Chen, and Zhi-gang Li. "A new data normalization method for unsupervised anomaly intrusion detection." Journal of Zhejiang University SCIENCE C 11, no. 10 (September 29, 2010): 778–84. http://dx.doi.org/10.1631/jzus.c0910625.

Full text
APA, Harvard, Vancouver, ISO, and other styles
13

TANG, Shao-xian. "Intrusion detection based on unsupervised clustering and hybrid genetic algorithm." Journal of Computer Applications 28, no. 2 (July 10, 2008): 409–11. http://dx.doi.org/10.3724/sp.j.1087.2008.00409.

Full text
APA, Harvard, Vancouver, ISO, and other styles
14

Ghafir, Ibrahim, Konstantinos G. Kyriakopoulos, Francisco J. Aparicio-Navarro, Sangarapillai Lambotharan, Basil Assadhan, and Hamad Binsalleeh. "A Basic Probability Assignment Methodology for Unsupervised Wireless Intrusion Detection." IEEE Access 6 (2018): 40008–23. http://dx.doi.org/10.1109/access.2018.2855078.

Full text
APA, Harvard, Vancouver, ISO, and other styles
15

Carrasco, Rafael San Miguel, and Miguel-Angel Sicilia. "Unsupervised intrusion detection through skip-gram models of network behavior." Computers & Security 78 (September 2018): 187–97. http://dx.doi.org/10.1016/j.cose.2018.07.003.

Full text
APA, Harvard, Vancouver, ISO, and other styles
16

Choi, Hyunseung, Mintae Kim, Gyubok Lee, and Wooju Kim. "Unsupervised learning approach for network intrusion detection system using autoencoders." Journal of Supercomputing 75, no. 9 (March 9, 2019): 5597–621. http://dx.doi.org/10.1007/s11227-019-02805-w.

Full text
APA, Harvard, Vancouver, ISO, and other styles
17

Siddiqui, Abdul Jabbar, and Azzedine Boukerche. "Adaptive ensembles of autoencoders for unsupervised IoT network intrusion detection." Computing 103, no. 6 (February 20, 2021): 1209–32. http://dx.doi.org/10.1007/s00607-021-00912-2.

Full text
APA, Harvard, Vancouver, ISO, and other styles
18

Zoppi, Tommaso, Andrea Ceccarelli, Tommaso Capecchi, and Andrea Bondavalli. "Unsupervised Anomaly Detectors to Detect Intrusions in the Current Threat Landscape." ACM/IMS Transactions on Data Science 2, no. 2 (April 2, 2021): 1–26. http://dx.doi.org/10.1145/3441140.

Full text
Abstract:
Anomaly detection aims at identifying unexpected fluctuations in the expected behavior of a given system. It is acknowledged as a reliable answer to the identification of zero-day attacks to such extent, several ML algorithms that suit for binary classification have been proposed throughout years. However, the experimental comparison of a wide pool of unsupervised algorithms for anomaly-based intrusion detection against a comprehensive set of attacks datasets was not investigated yet. To fill such gap, we exercise 17 unsupervised anomaly detection algorithms on 11 attack datasets. Results allow elaborating on a wide range of arguments, from the behavior of the individual algorithm to the suitability of the datasets to anomaly detection. We conclude that algorithms as Isolation Forests, One-Class Support Vector Machines, and Self-Organizing Maps are more effective than their counterparts for intrusion detection, while clustering algorithms represent a good alternative due to their low computational complexity. Further, we detail how attacks with unstable, distributed, or non-repeatable behavior such as Fuzzing, Worms, and Botnets are more difficult to detect. Ultimately, we digress on capabilities of algorithms in detecting anomalies generated by a wide pool of unknown attacks, showing that achieved metric scores do not vary with respect to identifying single attacks.
APA, Harvard, Vancouver, ISO, and other styles
19

Qaddoura, Raneem, Ala’ M. Al-Zoubi, Iman Almomani, and Hossam Faris. "A Multi-Stage Classification Approach for IoT Intrusion Detection Based on Clustering with Oversampling." Applied Sciences 11, no. 7 (March 28, 2021): 3022. http://dx.doi.org/10.3390/app11073022.

Full text
Abstract:
Intrusion detection of IoT-based data is a hot topic and has received a lot of interests from researchers and practitioners since the security of IoT networks is crucial. Both supervised and unsupervised learning methods are used for intrusion detection of IoT networks. This paper proposes an approach of three stages considering a clustering with reduction stage, an oversampling stage, and a classification by a Single Hidden Layer Feed-Forward Neural Network (SLFN) stage. The novelty of the paper resides in the technique of data reduction and data oversampling for generating useful and balanced training data and the hybrid consideration of the unsupervised and supervised methods for detecting the intrusion activities. The experiments were evaluated in terms of accuracy, precision, recall, and G-mean and divided into four steps: measuring the effect of the data reduction with clustering, the evaluation of the framework with basic classifiers, the effect of the oversampling technique, and a comparison with basic classifiers. The results show that SLFN classification technique and the choice of Support Vector Machine and Synthetic Minority Oversampling Technique (SVM-SMOTE) with a ratio of 0.9 and the k value of 3 for k-means++ clustering technique give better results than other values and other classification techniques.
APA, Harvard, Vancouver, ISO, and other styles
20

Vaiyapuri, Thavavel, and Adel Binbusayyis. "Application of deep autoencoder as an one-class classifier for unsupervised network intrusion detection: a comparative evaluation." PeerJ Computer Science 6 (December 7, 2020): e327. http://dx.doi.org/10.7717/peerj-cs.327.

Full text
Abstract:
The ever-increasing use of internet has opened a new avenue for cybercriminals, alarming the online businesses and organization to stay ahead of evolving thread landscape. To this end, intrusion detection system (IDS) is deemed as a promising defensive mechanism to ensure network security. Recently, deep learning has gained ground in the field of intrusion detection but majority of progress has been witnessed on supervised learning which requires adequate labeled data for training. In real practice, labeling the high volume of network traffic is laborious and error prone. Intuitively, unsupervised deep learning approaches has received gaining momentum. Specifically, the advances in deep learning has endowed autoencoder (AE) with greater ability for data reconstruction to learn the robust feature representation from massive amount of data. Notwithstanding, there is no study that evaluates the potential of different AE variants as one-class classifier for intrusion detection. This study fills this gap of knowledge presenting a comparative evaluation of different AE variants for one-class unsupervised intrusion detection. For this research, the evaluation includes five different variants of AE such as Stacked AE, Sparse AE, Denoising AE, Contractive AE and Convolutional AE. Further, the study intents to conduct a fair comparison establishing a unified network configuration and training scheme for all variants over the common benchmark datasets, NSL-KDD and UNSW-NB15. The comparative evaluation study provides a valuable insight on how different AE variants can be used as one-class classifier to build an effective unsupervised IDS. The outcome of this study will be of great interest to the network security community as it provides a promising path for building effective IDS based on deep learning approaches alleviating the need for adequate and diverse intrusion network traffic behavior.
APA, Harvard, Vancouver, ISO, and other styles
21

Huang, Xiaolong. "Network Intrusion Detection Based on an Improved Long-Short-Term Memory Model in Combination with Multiple Spatiotemporal Structures." Wireless Communications and Mobile Computing 2021 (April 24, 2021): 1–10. http://dx.doi.org/10.1155/2021/6623554.

Full text
Abstract:
Aimed at the existing problems in network intrusion detection, this paper proposes an improved LSTM combined with spatiotemporal structure for intrusion detection. The unsupervised spatiotemporal encoder is used to intelligently extract the spatial characteristics of network traffic data samples. It can not only retain the overall/nonlocal characteristics of the data samples but also extract the most essential deep features of the data samples. Finally, the extracted features are used as input of the LSTM model to realize classification and identification for intrusion samples. Experimental verification shows that the accuracy and false alarm rate of the intrusion detection model based on the neural network are significantly better than those of other traditional models.
APA, Harvard, Vancouver, ISO, and other styles
22

Goernitz, N., M. Kloft, K. Rieck, and U. Brefeld. "Toward Supervised Anomaly Detection." Journal of Artificial Intelligence Research 46 (February 20, 2013): 235–62. http://dx.doi.org/10.1613/jair.3623.

Full text
Abstract:
Anomaly detection is being regarded as an unsupervised learning task as anomalies stem from adversarial or unlikely events with unknown distributions. However, the predictive performance of purely unsupervised anomaly detection often fails to match the required detection rates in many tasks and there exists a need for labeled data to guide the model generation. Our first contribution shows that classical semi-supervised approaches, originating from a supervised classifier, are inappropriate and hardly detect new and unknown anomalies. We argue that semi-supervised anomaly detection needs to ground on the unsupervised learning paradigm and devise a novel algorithm that meets this requirement. Although being intrinsically non-convex, we further show that the optimization problem has a convex equivalent under relatively mild assumptions. Additionally, we propose an active learning strategy to automatically filter candidates for labeling. In an empirical study on network intrusion detection data, we observe that the proposed learning methodology requires much less labeled data than the state-of-the-art, while achieving higher detection accuracies.
APA, Harvard, Vancouver, ISO, and other styles
23

Barletta, Vita Santa, Danilo Caivano, Antonella Nannavecchia, and Michele Scalera. "Intrusion Detection for in-Vehicle Communication Networks: An Unsupervised Kohonen SOM Approach." Future Internet 12, no. 7 (July 14, 2020): 119. http://dx.doi.org/10.3390/fi12070119.

Full text
Abstract:
The diffusion of embedded and portable communication devices on modern vehicles entails new security risks since in-vehicle communication protocols are still insecure and vulnerable to attacks. Increasing interest is being given to the implementation of automotive cybersecurity systems. In this work we propose an efficient and high-performing intrusion detection system based on an unsupervised Kohonen Self-Organizing Map (SOM) network, to identify attack messages sent on a Controller Area Network (CAN) bus. The SOM network found a wide range of applications in intrusion detection because of its features of high detection rate, short training time, and high versatility. We propose to extend the SOM network to intrusion detection on in-vehicle CAN buses. Many hybrid approaches were proposed to combine the SOM network with other clustering methods, such as the k-means algorithm, in order to improve the accuracy of the model. We introduced a novel distance-based procedure to integrate the SOM network with the K-means algorithm and compared it with the traditional procedure. The models were tested on a car hacking dataset concerning traffic data messages sent on a CAN bus, characterized by a large volume of traffic with a low number of features and highly imbalanced data distribution. The experimentation showed that the proposed method greatly improved detection accuracy over the traditional approach.
APA, Harvard, Vancouver, ISO, and other styles
24

Sirisha, Aswadati, Kosaraju Chaitanya, Komanduri Venkata Sesha Sai Rama Krishna, and Satya Sandeep Kanumalli. "Intrusion Detection Models Using Supervised and Unsupervised Algorithms - A Comparative Estimation." International Journal of Safety and Security Engineering 11, no. 1 (February 28, 2021): 51–58. http://dx.doi.org/10.18280/ijsse.110106.

Full text
Abstract:
Intrusion Detection is a protection device that tracks and identifies inappropriate network behaviors. Several computer simulation methods for identifying network infiltrations have been suggested. The existing mechanisms are not adequate to cope with network protection threats that expand exponentially with Internet use. Unbalanced groups are one of the issues with datasets. This paper outlines the implementation and study on classification and identification of anomaly in different machine learning algorithms for network dependent intrusion. A number of balanced and unbalanced data sets are known as benchmarks for assessments by NSLKDD and CICIDS. For deciding the right range of options for app collection is the Random Forest Classifier. The chosen logistic regression, decision trees, random forest, naive bayes, nearest neighbors, K-means, isolation forest, locally-based outliers are a group of algorithms that have been monitored and unmonitored for their use. Results from implementations reveal that Random Forest beats the other approaches for supervised learning, though K-Means does better than others.
APA, Harvard, Vancouver, ISO, and other styles
25

Dai, Yawen, Guanghui Yuan, Zhaoyuan Yang, and Bin Wang. "K-Modes Clustering Algorithm Based on Weighted Overlap Distance and Its Application in Intrusion Detection." Scientific Programming 2021 (May 25, 2021): 1–9. http://dx.doi.org/10.1155/2021/9972589.

Full text
Abstract:
In order to better apply the K-modes algorithm to intrusion detection, this paper overcomes the problems of the existing K-modes algorithm based on rough set theory. Firstly, for the problem of K-modes clustering in the initial class center selection, an initial class center selection algorithm Ini_Weight based on weighted density and weighted overlap distance is proposed. Secondly, based on the Ini_Weight algorithm, a new K-modes clustering algorithm WODKM based on weighted overlap distance is proposed. Thirdly, the WODKM clustering algorithm is applied to intrusion detection to obtain a new unsupervised intrusion detection model. The model detects the intrusion by dividing the clusters in the clustering result into normal clusters and abnormal clusters and analyzing the weighted average density of the object x to be detected in each cluster and the weighted overlapping distance of x and each center point. We verified the intrusion detection performance of the model on the KDD Cup 99 dataset. The experimental results of the current study show that the proposed intrusion detection model achieves efficient results and solves the problems existing in the present-day intrusion detection system to some extent.
APA, Harvard, Vancouver, ISO, and other styles
26

Prasanta Gogoi, B. Borah, and D. K. Bhattacharyya. "Anomaly Detection Analysis of Intrusion Data Ising Supervised & Unsupervised Approach." Journal of Convergence Information Technology 5, no. 1 (February 28, 2010): 95–110. http://dx.doi.org/10.4156/jcit.vol5.issue1.11.

Full text
APA, Harvard, Vancouver, ISO, and other styles
27

Ramani Varanasi, Venkata. "A Comparative Evaluation of supervised and unsupervised algorithms for Intrusion Detection." International Journal of Advanced Trends in Computer Science and Engineering 9, no. 4 (August 25, 2020): 4834–43. http://dx.doi.org/10.30534/ijatcse/2020/9394202.

Full text
APA, Harvard, Vancouver, ISO, and other styles
28

Wang, Xiao Bin, Yong Jun Wang, and Yong Lin Sun. "Abnormal File Access Behavior Detection Based on FPD: An Unsupervised Approach." Applied Mechanics and Materials 713-715 (January 2015): 2212–16. http://dx.doi.org/10.4028/www.scientific.net/amm.713-715.2212.

Full text
Abstract:
Information security is a great challenge for organizations in our modern information world. Existing security facilities like Firewalls, Intrusion Detection Systems and Antivirus are not enough to guarantee the security of information. File is an important carrier of information, which is the intent of quite a number of attackers. In this paper, we extend the FPD-based approach for detecting abnormal file access behaviors. We propose 3 approaches to calculate FPD values in the case of lacking training data, and we apply a k-means based unsupervised approach to distinguish between normal processes and abnormal ones. Experiment demonstrate that our unsupervised approach is still effective compared to the supervised case with training data.
APA, Harvard, Vancouver, ISO, and other styles
29

Daneshpazhouh, Armin, and Ashkan Sami. "Semi-Supervised Outlier Detection with Only Positive and Unlabeled Data Based on Fuzzy Clustering." International Journal on Artificial Intelligence Tools 24, no. 03 (June 2015): 1550003. http://dx.doi.org/10.1142/s0218213015500037.

Full text
Abstract:
The task of semi-supervised outlier detection is to find the instances that are exceptional from other data, using some labeled examples. In many applications such as fraud detection and intrusion detection, this issue becomes more important. Most existing techniques are unsupervised. On the other hand, semi-supervised approaches use both negative and positive instances to detect outliers. However, in many real world applications, very few positive labeled examples are available. This paper proposes an innovative approach to address this problem. The proposed method works as follows. First, some reliable negative instances are extracted by a kNN-based algorithm. Afterwards, fuzzy clustering using both negative and positive examples is utilized to detect outliers. Experimental results on real data sets demonstrate that the proposed approach outperforms the previous unsupervised state-of-the-art methods in detecting outliers.
APA, Harvard, Vancouver, ISO, and other styles
30

Sahu, Santosh Kumar, Akanksha Katiyar, Kanchan Mala Kumari, Govind Kumar, and Durga Prasad Mohapatra. "An SVM-Based Ensemble Approach for Intrusion Detection." International Journal of Information Technology and Web Engineering 14, no. 1 (January 2019): 66–84. http://dx.doi.org/10.4018/ijitwe.2019010104.

Full text
Abstract:
The objective of this article is to develop an intrusion detection model aimed at distinguishing attacks in the network. The aim of building IDS relies on upon preprocessing of intrusion data, choosing most relevant features and in the plan of an efficient learning algorithm that properly groups the normal and malicious examples. In this experiment, the detection model uses an ensemble approach of supervised (SVM) and unsupervised (K-Means) to detect the patterns. This technique first divides the data and forms two clusters as per K-Means and labels the clusters using the Support Vector Machine (SVM). The parameters of K-Means and SVM are tuned and optimized using an intrusion dataset. The SVM provides up to 88%, and K-Means provides up to 83% accuracy individually. However, the ensemble of K-Means and SVM provides more than 99% on three benchmarked datasets in less time. The SVM only classifies three instances of each cluster randomly and labels them as per a majority voting approach. The proposed approach outperforms compared to earlier ensemble approaches on intrusion datasets.
APA, Harvard, Vancouver, ISO, and other styles
31

Javidi, Mohammad Masoud. "Network Attacks Detection by Hierarchical Neural Network." Computer Engineering and Applications Journal 4, no. 2 (June 18, 2015): 119–32. http://dx.doi.org/10.18495/comengapp.v4i2.108.

Full text
Abstract:
Intrusion detection is an emerging area of research in the computer security and net-works with the growing usage of internet in everyday life. Most intrusion detection systems (IDSs) mostly use a single classifier algorithm to classify the network traffic data as normal behavior or anomalous. However, these single classifier systems fail to provide the best possible attack detection rate with low false alarm rate. In this paper,we propose to use a hybrid intelligent approach using a combination of classifiers in order to make the decision intelligently, so that the overall performance of the resul-tant model is enhanced. The general procedure in this is to follow the supervised or un-supervised data filtering with classifier or cluster first on the whole training dataset and then the output are applied to another classifier to classify the data. In this re- search, we applied Neural Network with Supervised and Unsupervised Learning in order to implement the intrusion detection system. Moreover, in this project, we used the method of Parallelization with real time application of the system processors to detect the systems intrusions.Using this method enhanced the speed of the intrusion detection. In order to train and test the neural network, NSLKDD database was used. Creating some different intrusion detection systems, each of which considered as a single agent, we precisely proceeded with the signature-based intrusion detection of the network.In the proposed design, the attacks have been classified into 4 groups and each group is detected by an Agent equipped with intrusion detection system (IDS).These agents act independently and report the intrusion or non-intrusion in the system; the results achieved by the agents will be studied in the Final Analyst and at last the analyst reports that whether there has been an intrusion in the system or not.Keywords: Intrusion Detection, Multi-layer Perceptron, False Positives, Signature- based intrusion detection, Decision tree, Nave Bayes Classifier
APA, Harvard, Vancouver, ISO, and other styles
32

Wang, Zu-Min, Ji-Yu Tian, Jing Qin, Hui Fang, and Li-Ming Chen. "A Few-Shot Learning-Based Siamese Capsule Network for Intrusion Detection with Imbalanced Training Data." Computational Intelligence and Neuroscience 2021 (September 13, 2021): 1–17. http://dx.doi.org/10.1155/2021/7126913.

Full text
Abstract:
Network intrusion detection remains one of the major challenges in cybersecurity. In recent years, many machine-learning-based methods have been designed to capture the dynamic and complex intrusion patterns to improve the performance of intrusion detection systems. However, two issues, including imbalanced training data and new unknown attacks, still hinder the development of a reliable network intrusion detection system. In this paper, we propose a novel few-shot learning-based Siamese capsule network to tackle the scarcity of abnormal network traffic training data and enhance the detection of unknown attacks. In specific, the well-designed deep learning network excels at capturing dynamic relationships across traffic features. In addition, an unsupervised subtype sampling scheme is seamlessly integrated with the Siamese network to improve the detection of network intrusion attacks under the circumstance of imbalanced training data. Experimental results have demonstrated that the metric learning framework is more suitable to extract subtle and distinctive features to identify both known and unknown attacks after the sampling scheme compared to other supervised learning methods. Compared to the state-of-the-art methods, our proposed method achieves superior performance to effectively detect both types of attacks.
APA, Harvard, Vancouver, ISO, and other styles
33

Vega Vega, Rafael Alejandro, Pablo Chamoso-Santos, Alfonso González Briones, José-Luis Casteleiro-Roca, Esteban Jove, María del Carmen Meizoso-López, Benigno Antonio Rodríguez-Gómez, et al. "Intrusion Detection with Unsupervised Techniques for Network Management Protocols over Smart Grids." Applied Sciences 10, no. 7 (March 27, 2020): 2276. http://dx.doi.org/10.3390/app10072276.

Full text
Abstract:
The present research work focuses on overcoming cybersecurity problems in the Smart Grid. Smart Grids must have feasible data capture and communications infrastructure to be able to manage the huge amounts of data coming from sensors. To ensure the proper operation of next-generation electricity grids, the captured data must be reliable and protected against vulnerabilities and possible attacks. The contribution of this paper to the state of the art lies in the identification of cyberattacks that produce anomalous behaviour in network management protocols. A novel neural projectionist technique (Beta Hebbian Learning, BHL) has been employed to get a general visual representation of the traffic of a network, making it possible to identify any abnormal behaviours and patterns, indicative of a cyberattack. This novel approach has been validated on 3 different datasets, demonstrating the ability of BHL to detect different types of attacks, more effectively than other state-of-the-art methods.
APA, Harvard, Vancouver, ISO, and other styles
34

Hanselmann, Markus, Thilo Strauss, Katharina Dormann, and Holger Ulmer. "CANet: An Unsupervised Intrusion Detection System for High Dimensional CAN Bus Data." IEEE Access 8 (2020): 58194–205. http://dx.doi.org/10.1109/access.2020.2982544.

Full text
APA, Harvard, Vancouver, ISO, and other styles
35

Nisioti, Antonia, Alexios Mylonas, Paul D. Yoo, and Vasilios Katos. "From Intrusion Detection to Attacker Attribution: A Comprehensive Survey of Unsupervised Methods." IEEE Communications Surveys & Tutorials 20, no. 4 (2018): 3369–88. http://dx.doi.org/10.1109/comst.2018.2854724.

Full text
APA, Harvard, Vancouver, ISO, and other styles
36

Kumar Mallick, Pradeep, Bibhu Prasad Mohanty, Sudan Jha, and Kuhoo . "A novel Approach Using “Supervised and Unsupervised learning” to prevent the Adequacy of Intrusion Detection Systems." International Journal of Engineering & Technology 7, no. 3.34 (September 1, 2018): 474. http://dx.doi.org/10.14419/ijet.v7i3.34.19362.

Full text
Abstract:
Countering digital dangers, particularly assault detection, is a testing region of research in the field of data affirmation. Intruders utilize polymorphic instruments to disguise the assault payload and dodge the detection methods. Many supervised and unsupervised learning comes closer from the field of machine learning and example acknowledgments have been utilized to expand the adequacy of intrusion detection systems (IDSs). Supervised learning approaches utilize just marked examples to prepare a classifier, however getting adequate named tests is lumbering, and requires the endeavors of area specialists. Notwithstanding, un-marked examples can without much of a stretch be acquired in some genuine issues. Contrasted with super-vised learning approaches, semi-supervised learning (SSL) addresses this issue by considering expansive number of unlabeled examples together with the marked examples to fabricate a superior classifier. In today’s age security is a big issue and every day when we are on the internet we are exposed to a huge number of threats where our personal information can be leaked. The information security and the Intrusion Detection System (IDS) play a critical role in the internet. IDS isan essential tool for detecting different kinds of attacks in a network and maintaining data integrity, confidentiality, and system availability against possible threats. In this paper, we are proposing a modified Elitist approach where the value of fitness is multiplied by the times a variable which is determined on the basis of the value of Kappa (K).
APA, Harvard, Vancouver, ISO, and other styles
37

Yu, Zhenhao, Fang Liu, Yinquan Yuan, Sihan Li, and Zhengying Li. "Signal Processing for Time Domain Wavelengths of Ultra-Weak FBGs Array in Perimeter Security Monitoring Based on Spark Streaming." Sensors 18, no. 9 (September 4, 2018): 2937. http://dx.doi.org/10.3390/s18092937.

Full text
Abstract:
To detect perimeter intrusion accurately and quickly, a stream computing technology was used to improve real-time data processing in perimeter intrusion detection systems. Based on the traditional density-based spatial clustering of applications with noise (T-DBSCAN) algorithm, which depends on manual adjustments of neighborhood parameters, an adaptive parameters DBSCAN (AP-DBSCAN) method that can achieve unsupervised calculations was proposed. The proposed AP-DBSCAN method was implemented on a Spark Streaming platform to deal with the problems of data stream collection and real-time analysis, as well as judging and identifying the different types of intrusion. A number of sensing and processing experiments were finished and the experimental data indicated that the proposed AP-DBSCAN method on the Spark Streaming platform exhibited a fine calibration capacity for the adaptive parameters and the same accuracy as the T-DBSCAN method without the artificial setting of neighborhood parameters, in addition to achieving good performances in the perimeter intrusion detection systems.
APA, Harvard, Vancouver, ISO, and other styles
38

Om Pal, Peeyush Jain, Sudhansu Goyal, Zia Saquib, and Bernard L. Menezes. "Intrusion Detection Using Graph Support: A Hybrid Approach of Supervised and Unsupervised Techniques." International Journal of Advancements in Computing Technology 2, no. 3 (August 31, 2010): 114–18. http://dx.doi.org/10.4156/ijact.vol2.issue3.12.

Full text
APA, Harvard, Vancouver, ISO, and other styles
39

Rabbani, Mahdi, Yongli Wang, Reza Khoshkangini, Hamed Jelodar, Ruxin Zhao, Sajjad Bagheri Baba Ahmadi, and Seyedvalyallah Ayobi. "A Review on Machine Learning Approaches for Network Malicious Behavior Detection in Emerging Technologies." Entropy 23, no. 5 (April 25, 2021): 529. http://dx.doi.org/10.3390/e23050529.

Full text
Abstract:
Network anomaly detection systems (NADSs) play a significant role in every network defense system as they detect and prevent malicious activities. Therefore, this paper offers an exhaustive overview of different aspects of anomaly-based network intrusion detection systems (NIDSs). Additionally, contemporary malicious activities in network systems and the important properties of intrusion detection systems are discussed as well. The present survey explains important phases of NADSs, such as pre-processing, feature extraction and malicious behavior detection and recognition. In addition, with regard to the detection and recognition phase, recent machine learning approaches including supervised, unsupervised, new deep and ensemble learning techniques have been comprehensively discussed; moreover, some details about currently available benchmark datasets for training and evaluating machine learning techniques are provided by the researchers. In the end, potential challenges together with some future directions for machine learning-based NADSs are specified.
APA, Harvard, Vancouver, ISO, and other styles
40

Jing, Yong Wen, and Li Fen Li. "SOM and PSO Based Alerts Clustering in Intrusion Detection System." Applied Mechanics and Materials 401-403 (September 2013): 1453–57. http://dx.doi.org/10.4028/www.scientific.net/amm.401-403.1453.

Full text
Abstract:
With the growing deployment of host and network intrusion detection systems (IDSs), thousands of alerts are generally generated from them per day. Managing these alerts becomes critically important. In this paper, a hybrid alert clustering method based on self-Organizing maps (SOM) and particle swarm optimization (PSO) is presented. We firstly select the important features through binary particle swarm optimization (BPSO) and mutual information (MI) and get a dimension reduced dataset. SOM is used to cluster the dataset. PSO is used to evolve the weights for SOM to improve the clustering result. The algorithm is based on a type of unsupervised machine learning algorithm that infers relationships from data without the need to train the algorithm with expertly labelled data. The approach is validated using the 2000 DARPA intrusion detection datasets and comparative results between the canonical SOM and our scheme are presented.
APA, Harvard, Vancouver, ISO, and other styles
41

Jabbar, Ayad. "Local and Global Outlier Detection Algorithms in Unsupervised Approach: A Review." Iraqi Journal for Electrical and Electronic Engineering 17, no. 1 (March 31, 2021): 1–12. http://dx.doi.org/10.37917/ijeee.17.1.9.

Full text
Abstract:
The problem of outlier detection is one of the most important issues in the field of analysis due to its applicability in several famous problem domains, including intrusion detection, security, banks, fraud detection, and discovery of criminal activities in electronic commerce. Anomaly detection comprises two main approaches: supervised and unsupervised approach. The supervised approach requires pre-defined information, which is defined as the type of outliers, and is difficult to be defined in some applications. Meanwhile, the second approach determines the outliers without human interaction. A review of the unsupervised approach, which shows the main advantages and the limitations considering the studies performed in the supervised approach, is introduced in this paper. This study indicated that the unsupervised approach suffers from determining local and global outlier objects simultaneously as the main problem related to algorithm parameterization. Moreover, most algorithms do not rank or identify the degree of being an outlier or normal objects and required different parameter settings by the research. Examples of such parameters are the radius of neighborhood, number of neighbors within the radius, and number of clusters. A comprehensive and structured overview of a large set of interesting outlier algorithms, which emphasized the outlier detection limitation in the unsupervised approach, can be used as a guideline for researchers who are interested in this field.
APA, Harvard, Vancouver, ISO, and other styles
42

Almomani, Ammar, Mohammad Alauthman, Firas Albalas, O. Dorgham, and Atef Obeidat. "An Online Intrusion Detection System to Cloud Computing Based on Neucube Algorithms." International Journal of Cloud Applications and Computing 8, no. 2 (April 2018): 96–112. http://dx.doi.org/10.4018/ijcac.2018040105.

Full text
Abstract:
This article describes how as network traffic grows, attacks on traffic become more complicated and harder to detect. Recently, researchers have begun to explore machine learning techniques with cloud computing technologies to classify network threats. So, new and creative ways are needed to enhance intrusion detection system. This article addresses the source of the above issues through detecting an intrusion in cloud computing before it further disrupts normal network operations, because the complexity of malicious attack techniques have evolved from traditional malicious attack technologies (direct malicious attack), which include different malicious attack classes, such as DoS, Probe, R2L, and U2R malicious attacks, especially the zero-day attack in online mode. The proposed online intrusion detection cloud system (OIDCS) adopts the principles of the new spiking neural network architecture called NeuCube algorithm. It is proposed that this system is the first filtering system approach that utilizes the NeuCube algorithm. The OIDCS inherits the hybrid (supervised/unsupervised) learning feature of the NeuCube algorithm and uses this algorithm in an online system with lifelong learning to classify input while learning the system. The system is accurate, especially when working with a zero-day attack, reaching approximately 97% accuracy based on the to-be-remembered (TBR) encoding algorithm.
APA, Harvard, Vancouver, ISO, and other styles
43

Ramaiah, CH, D. Adithya Charan, and R. Syam Akhil. "Secure automated threat detection and prevention (SATDP)." International Journal of Engineering & Technology 7, no. 2.20 (April 18, 2018): 86. http://dx.doi.org/10.14419/ijet.v7i2.20.11760.

Full text
Abstract:
Secure automated threat detection and prevention is the more effective procedure to reduce the workload of analyst by scanning the network, server functions& then informs the analyst if any suspicious activity is detected in the network. It monitors the system continuously and responds according to the threat environment. This response action varies from phase to phase. Here suspicious activities are detected by the help of an artificial intelligence which acts as a virtual analyst concurrently with network intrusion detection system to defend from the threat environment and taking appropriate measures with the permission of the analyst. In its final phase where packet analysis is carried out to surf for attack vectors and then categorize supervised and unsupervised data. Where the unsupervised data will be decoded or converted to supervised data with help of analyst feedback and then auto-update the algorithm (virtual analyst). So that it evolves the algorithm (with active learning mechanism) itself by time and become more efficient, strong. So, it can able to defend form similar or same kind of attacks.
APA, Harvard, Vancouver, ISO, and other styles
44

Mohammadpour, Leila, T. C. Ling, C. S. Liew, and Alihossein Aryanfar. "A Mean Convolutional Layer for Intrusion Detection System." Security and Communication Networks 2020 (October 24, 2020): 1–16. http://dx.doi.org/10.1155/2020/8891185.

Full text
Abstract:
The significant development of Internet applications over the past 10 years has resulted in the rising necessity for the information network to be secured. An intrusion detection system is a fundamental network infrastructure defense that must be able to adapt to the ever-evolving threat landscape and identify new attacks that have low false alarm. Researchers have developed several supervised as well as unsupervised methods from the data mining and machine learning disciplines so that anomalies can be detected reliably. As an aspect of machine learning, deep learning uses a neuron-like structure to learn tasks. A successful deep learning technique method is convolution neural network (CNN); however, it is presently not suitable to detect anomalies. It is easier to identify expected contents within the input flow in CNNs, whereas there are minor differences in the abnormalities compared to the normal content. This suggests that a particular method is required for identifying such minor changes. It is expected that CNNs would learn the features that form the characteristic of the content of an image (flow) rather than variations that are unrelated to the content. Hence, this study recommends a new CNN architecture type known as mean convolution layer (CNN-MCL) that was developed for learning the anomalies’ content features and then identifying the particular abnormality. The recommended CNN-MCL helps in designing a strong network intrusion detection system that includes an innovative form of convolutional layer that can teach low-level abnormal characteristics. It was observed that assessing the proposed model on the CICIDS2017 dataset led to favorable results in terms of real-world application regarding detecting anomalies that are highly accurate and have low false-alarm rate as opposed to other best models.
APA, Harvard, Vancouver, ISO, and other styles
45

Dr.R.Venkatesh, Kavitha S, Dr Uma Maheswari N,. "Network Anomaly Detection for NSL-KDD Dataset Using Deep Learning." INFORMATION TECHNOLOGY IN INDUSTRY 9, no. 2 (March 31, 2021): 821–27. http://dx.doi.org/10.17762/itii.v9i2.419.

Full text
Abstract:
Deep learning based intrusion detection cyber security methods gained increased popularity. The essential element to provide protection to the ICT infrastructure is the intrusion detection systems (IDSs). Intelligent solutions are necessary to control the complexity and increase in the new attack types. The intelligent system (DL/ML) has been widely used with its benefits to effectively deal with complex and great dimensional data. The IDS has various attack types like known, unknown, zero day attacks are attractive to and detected using unsupervised machine learning techniques. A novel methodology has been proposed that combines the benefits of Isolation forest (One Class) Support Vector Machine (OCSVM) with active learning method to detect threats without any prior knowledge. The NSL-KDD dataset has been used to evaluate the various DL methods with active learning method. The results show that this method performs better than other techniques. The design methodology inspires the efforts to emerging anomaly detection.
APA, Harvard, Vancouver, ISO, and other styles
46

Lee, JooHwa, and KeeHyun Park. "AE-CGAN Model based High Performance Network Intrusion Detection System." Applied Sciences 9, no. 20 (October 10, 2019): 4221. http://dx.doi.org/10.3390/app9204221.

Full text
Abstract:
In this paper, a high-performance network intrusion detection system based on deep learning is proposed for situations in which there are significant imbalances between normal and abnormal traffic. Based on the unsupervised learning models autoencoder (AE) and the generative adversarial networks (GAN) model during deep learning, the study aim is to solve the imbalance of data and intrusion detection of high performance. The AE-CGAN (autoencoder-conditional GAN) model is proposed to improve the performance of intrusion detection. This model oversamples rare classes based on the GAN model in order to solve the performance degradation caused by data imbalance after processing the characteristics of the data to a lower level using the autoencoder model. To measure the performance of the AE-CGAN model, data is classified using random forest (RF), a typical machine learning classification algorithm. In this experiment, we used the canadian institute for cybersecurity intrusion detection system (CICIDS)2017 dataset, the latest public dataset of network intrusion detection system (NIDS), and compared the three models to confirm efficacy of the proposed model. We compared the performance of three types of models. These included single-RF, a classification model using only a classification algorithm, AE-RF which is processed by classifying data features, and the AE-CGAN model which is classified after solving the data feature processing and data imbalance. Experimental results showed that the performance of the AE-CGAN model proposed in this paper was the highest. In particular, when the data were unbalanced, the performances of recall and F1 score, which are more accurate performance indicators, were 93.29% and 95.38%, respectively. The AE-CGAN model showed much better performance.
APA, Harvard, Vancouver, ISO, and other styles
47

Kuwahara, Takuya, Yukino Baba, Hisashi Kashima, Takeshi Kishikawa, Junichi Tsurumi, Tomoyuki Haga, Yoshihiro Ujiie, Takamitsu Sasaki, and Hideki Matsushima. "Supervised and Unsupervised Intrusion Detection Based on CAN Message Frequencies for In-vehicle Network." Journal of Information Processing 26 (2018): 306–13. http://dx.doi.org/10.2197/ipsjjip.26.306.

Full text
APA, Harvard, Vancouver, ISO, and other styles
48

Qu, Hongchun, Zeliang Qiu, Xiaoming Tang, Min Xiang, and Ping Wang. "Incorporating unsupervised learning into intrusion detection for wireless sensor networks with structural co-evolvability." Applied Soft Computing 71 (October 2018): 939–51. http://dx.doi.org/10.1016/j.asoc.2018.07.044.

Full text
APA, Harvard, Vancouver, ISO, and other styles
49

Prasad, Mahendra, Sachin Tripathi, and Keshav Dahal. "Unsupervised feature selection and cluster center initialization based arbitrary shaped clusters for intrusion detection." Computers & Security 99 (December 2020): 102062. http://dx.doi.org/10.1016/j.cose.2020.102062.

Full text
APA, Harvard, Vancouver, ISO, and other styles
50

Sovilj, Dušan, Paul Budnarain, Scott Sanner, Geoff Salmon, and Mohan Rao. "A comparative evaluation of unsupervised deep architectures for intrusion detection in sequential data streams." Expert Systems with Applications 159 (November 2020): 113577. http://dx.doi.org/10.1016/j.eswa.2020.113577.

Full text
APA, Harvard, Vancouver, ISO, and other styles
We offer discounts on all premium plans for authors whose works are included in thematic literature selections. Contact us to get a unique promo code!

To the bibliography