Authors: Chien-Chuan Lin, Ming-Shi Wang
Addresses: Department of Engineering Science, National Cheng Kung University, No. 1, Ta-Hsueh Road, Tainan 70101, Taiwan. ' Department of Engineering Science, National Cheng Kung University, No. 1, Ta-Hsueh Road, Tainan 70101, Taiwan
Abstract: This study proposes a genetic-clustering algorithm to etect and classify the data instances, collected from intrusion detection systems into normal or attack clusters, automatically. The proposed genetic clustering algorithm can obtain the optimal clustering solution based on the minimum distance of within cluster distance and maximum distance of between cluster distance. The two main aims of the proposed algorithm are to increase the detection rate and decrease the false negative rate for intrusion detection systems. The experimental results show that the proposed approach can reach available rate levels for detection rate, false negative rate, and the novel attack detection rate.
Keywords: intrusion detection systems; genetic clustering algorithms; network security; K-means; information security; computer security; attack clusters.
International Journal of Information and Computer Security, 2008 Vol.2 No.2, pp.218 - 234
Available online: 26 May 2008 *Full-text access for editors Access for subscribers Purchase this article Comment on this article