Y-means: a clustering method for intrusion detection

Abstract: Abstract

“…Hence, more the criterion discriminates between images more it will be important. In the other hand, the profiles of each category are identified by using an improve version of K-Means algorithm 10 . The number of profiles in each category is determined by a percentage of the total number of objects in this category.…”

“…• Integrating the profiles and the criteria weights in the learning process; • Using other improved version of K-Means algorithm for the profile identification (e.g. Y-Means [10] or JMeans [11]); • Combining the aggregation operators of the different NCD-based MCCs; • Using the concept of specified classifier, i.e. for the classification purpose we only use a subset of criteria that discriminate more between objects; • Implementing a parallel version of NCD-based MCCs to reduce the computation time.…”

Automated learning multi-criteria classifiers for FLIR ship imagery classification

“…Hence, more the criterion discriminates between images more it will be important. In the other hand, the profiles of each category are identified by using an improve version of K-Means algorithm 10 . The number of profiles in each category is determined by a percentage of the total number of objects in this category.…”

“…• Integrating the profiles and the criteria weights in the learning process; • Using other improved version of K-Means algorithm for the profile identification (e.g. Y-Means [10] or JMeans [11]); • Combining the aggregation operators of the different NCD-based MCCs; • Using the concept of specified classifier, i.e. for the classification purpose we only use a subset of criteria that discriminate more between objects; • Implementing a parallel version of NCD-based MCCs to reduce the computation time.…”

Automated learning multi-criteria classifiers for FLIR ship imagery classification

“…k-means is a classic clustering algorithm [9,10], which uses simple iteration algorithm to cluster the data set into certain amount of categories.Commonly, the number of clusters is annotated to be K. The four steps of k-means are: 1. Initialization: Randomly select K data points from the data set as the centers of the Kclusters; 2.…”

An Abnormal Network Traffic Detection Algorithm Based on Big Data Analysis

“…During the last decade, many machine learning and data mining techniques have been applied to IDSs, so that their performance was significantly improved as well as they could be constructed with low cost and effort. Particularly, unsupervised anomaly detection techniques (Eskin et al, 2002;Guan et al, 2003;Laskov et al, 2004;Leung & Leckie, 2005;Li et al, 2003;Oldmeadow et al, 2004;Portnoy et al, 2001;Song et al, 2008a;2009;Wang & Megalooikonomou, 2005) have received remarkable attention, because they are able to construct intrusion detection models without using any labeled training data (i.e., with Jungsuk Song 1 , Hiroki Takakura 2 , Yasuo Okabe 3 and Yongjin Kwon 4 instances preclassified as being an attack or not) in an automated manner, and they also have intrinsic ability to detect 0-day attacks. Furthermore, considering labeled data or purely normal data cannot be obtained easily in practice, it is better to focus on applying unsupervised anomaly detection techniques to the construction of IDSs than supervised ones.…”

Correlation Analysis Between Honeypot Data and IDS Alerts Using One-class SVM