Abstract
Filtering and classifying features of attack traffic is a crucial issue for network security applications such as intrusion detection systems (IDS). In this research, a genetic-clustering algorithm has been developed to automatically detect and classify the data instances collected from an IDS into normal or attack clusters. The proposed algorithm can obtain the optimal clustering solution based on the minimum within-cluster distance (WCD) and maximum between-cluster distance (BCD). The advantages of the proposed algorithm are an increased detection rate (DR), reduced processing time, a decreased false negative rate (FNR), and the ability to identify new attack traffic. The proposed algorithm consists of two phases, a training phase and a testing phase, and uses the dataset generated from the 1999 KDD Cup dataset.
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Lin, CC., Wang, MS. (2006). Practical Intrusion Detection Using Genetic-Clustering. In: Mehrotra, S., Zeng, D.D., Chen, H., Thuraisingham, B., Wang, FY. (eds) Intelligence and Security Informatics. ISI 2006. Lecture Notes in Computer Science, vol 3975. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11760146_104
DOI: https://doi.org/10.1007/11760146_104
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-34478-0
Online ISBN: 978-3-540-34479-7
eBook Packages: Computer Science (R0)