Skip to Main content Skip to Navigation
Book sections

Mining Common Outliers for Intrusion Detection

Goverdhan Singh 1 Florent Masseglia 2 Céline Fiot 1 Alice Marascu 1 Pascal Poncelet 3 
1 AxIS - Usage-centered design, analysis and improvement of information systems
CRISAM - Inria Sophia Antipolis - Méditerranée , Inria Paris-Rocquencourt
2 ZENITH - Scientific Data Management
LIRMM - Laboratoire d'Informatique de Robotique et de Microélectronique de Montpellier, CRISAM - Inria Sophia Antipolis - Méditerranée
3 TATOO - Fouille de données environnementales
LIRMM - Laboratoire d'Informatique de Robotique et de Microélectronique de Montpellier
Abstract : Data mining for intrusion detection can be divided into several sub-topics, among which unsupervised clustering (which has controversial properties). Unsupervised clustering for intrusion detection aims to i) group behaviours together depending on their similarity and ii) detect groups containing only one (or very few) behaviour(s). Such isolated behaviours seem to deviate from the model of normality; therefore, they are considered as malicious. Obviously, not all atypical behaviours are attacks or intrusion attempts. This represents one drawback of intrusion detection methods based on clustering.We take into account the addition of a new feature to isolated behaviours before they are considered malicious. This feature is based on the possible repeated occurrences of the bahaviour on many information systems. Based on this feature, we propose a new outlier mining method which we validate through a set of experiments.
Document type :
Book sections
Complete list of metadata

Cited literature [32 references]  Display  Hide  Download
Contributor : Pascal Poncelet Connect in order to contact the contributor
Submitted on : Wednesday, March 20, 2019 - 3:37:11 PM
Last modification on : Friday, August 5, 2022 - 3:03:28 PM
Long-term archiving on: : Friday, June 21, 2019 - 9:15:22 PM


Files produced by the author(s)



Goverdhan Singh, Florent Masseglia, Céline Fiot, Alice Marascu, Pascal Poncelet. Mining Common Outliers for Intrusion Detection. Fabrice Guillet; Gilbert Ritschard; Djamel Abdelkader Zighed; Henri Briand. Advances in Knowledge Discovery and Management, 292, Springer, pp.217-234, 2010, Studies in Computational Intelligence, 978-3-642-00579-4. ⟨10.1007/978-3-642-00580-0_13⟩. ⟨lirmm-00798705⟩



Record views


Files downloads