ScienceDirect® Home Skip Main Navigation Links
You have guest access to ScienceDirect. Find out more.
 
Home
Browse
My Settings
Alerts
Help
 Quick Search
 Search tips (Opens new window)
    Clear all fields    
Computer Communications
Volume 30, Issue 1, 15 December 2006, Pages 93-100
 
Font Size: Decrease Font Size  Increase Font Size
 Abstract - selected
Article
Purchase PDF (213 K)

  E-mail Article   
  Add to my Quick Links   
Bookmark and share in 2collab (opens in new window)
Request permission to reuse this article
  Cited By in Scopus (0)
 
 
 
Related Articles in ScienceDirect
View More Related Articles
 
View Record in Scopus
 
doi:10.1016/j.comcom.2006.07.018    How to Cite or Link Using DOI (Opens New Window)
Copyright © 2006 Elsevier B.V. All rights reserved.

A latent class modeling approach to detect network intrusion

Yun Wanga, c, Corresponding Author Contact Information, E-mail The Corresponding Author, Inyoung Kimb, Gaston Mbatengc and Shih-Yieh Hoc

aCenter for Outcomes Research and Evaluation, Yale University and Yale-New Haven Health, CORE, 300 George Street, Suite 505, New Haven, CT 06511, USA bSection of Biostatistics, School of Public Health, Yale University, 300 George Street, Suite 501, New Haven, CT 06511, USA cQualidigm, 100 Roscommon Drive, Middletown, CT 06457, USA

Received 27 April 2006; 
revised 27 July 2006; 
accepted 28 July 2006. 
Available online 30 August 2006.

Purchase the full-text article



References and further reading may be available for this article. To view references and further reading you must purchase this article.

Abstract

This study presents a latent class modeling approach to examine network traffic data when labeled abnormal events are absent in training data, or such events are insufficient to fit a conventional regression model. Using six anomaly-associated risk factors identified from previous studies, the latent class model based on an unlabeled sample yielded acceptable classification results compared with a logistic regression model based on a labeled sample (correctly classified: 0.95 vs. 0.98, sensitivity: 0.99 vs. 0.99, and specificity: 0.77 vs. 0.97). The study demonstrates a great potency for using the latent class modeling technique to analyze network traffic data.

Keywords: Intrusion detection; Machine learning; Classification; Latent class model; Computer security

Article Outline

1. Introduction
2. Methods
2.1. Study design
2.2. Latent class model
2.3. Data source
2.4. Outcome and risk factors
2.5. Statistical analyses
3. Results
3.1. Data characteristics
3.2. Classification
3.3. Evaluations
4. Discussion
Acknowledgements
References
Vitae



Computer Communications
Volume 30, Issue 1, 15 December 2006, Pages 93-100
 
Home
Browse
My Settings
Alerts
Help
Elsevier.com (Opens new window)
About ScienceDirect  |  Contact Us  |  Information for Advertisers  |  Terms & Conditions  |  Privacy Policy
Copyright © 2008 Elsevier B.V. All rights reserved. ScienceDirect® is a registered trademark of Elsevier B.V.