Intrusion detection by variational component-based feature saliency Gaussian mixture clustering

Research output: Contribution to conferencePaperpeer-review

98 Downloads (Pure)

Abstract

Anomaly detection is a core function of the network intrusion detection system, and due to the high volume and dimensionality of network data, clustering is an important technique for anomaly detection in unsupervised machine learning world. In this paper, we propose a clustering approach for anomaly detection on network traffic flow data. For profiling normal traffic, we apply the component-based feature saliency Gaussian mixture model. We then present a variational learning algorithm which can simultaneously optimize over the number of components, the saliency of the features for each component, and the parameters of the mixture model. The preliminary experiments on a real-world network intrusion dataset demonstrate the satisfying performance achieved by both our method on its own and with a data pre processing using the auto-encoder.

Original languageEnglish
Publication statusAccepted - 14 Aug 2023
EventWorkshop on Security and Artificial Intelligence 2023 - The Hague Conference Centre New Babylon , The Hague, Netherlands
Duration: 25 Sept 202329 Sept 2023
https://sites.google.com/view/secai2023/home

Workshop

WorkshopWorkshop on Security and Artificial Intelligence 2023
Abbreviated titleSECAI 2023
Country/TerritoryNetherlands
CityThe Hague
Period25/09/202329/09/2023
Internet address

Fingerprint

Dive into the research topics of 'Intrusion detection by variational component-based feature saliency Gaussian mixture clustering'. Together they form a unique fingerprint.

Cite this