A fuzzy anomaly detection system based on hybrid PSO-Kmeans algorithm in content-centric networks

Cited by: 102
Authors
Karami, Amin [1]
Guerrero-Zapata, Manel [1]
Affiliations
[1] Univ Politecn Cataluna, Comp Architecture Dept DAC, ES-08034 Barcelona, Spain
Keywords
Content-centric networks; Anomaly detection; Particle swarm optimization; K-means; Clustering analysis; Fuzzy set; INTRUSION DETECTION SYSTEM; K-MEANS;
DOI
10.1016/j.neucom.2014.08.070
Chinese Library Classification
TP18 [Artificial intelligence theory];
Discipline classification code
140502 [Artificial intelligence];
Abstract
In Content-Centric Networks (CCNs) as a possible future Internet, new kinds of attacks and security challenges - from Denial of Service (DoS) to privacy attacks - will arise. An efficient and effective security mechanism is required to secure content and defend against unknown and new forms of attacks and anomalies. Usually, clustering algorithms would fit the requirements for building a good anomaly detection system. K-means is a popular anomaly detection method to classify data into different categories. However, it suffers from local convergence and sensitivity to the selection of the cluster centroids. In this paper, we present a novel fuzzy anomaly detection system that works in two phases. In the first phase - the training phase - we propose a hybridization of Particle Swarm Optimization (PSO) and the K-means algorithm with two simultaneous cost functions as well-separated clusters and local optimization to determine the optimal number of clusters. When the optimal placement of cluster centroids and objects is defined, it starts the second phase. In this phase - the detection phase - we employ a fuzzy approach by the combination of two distance-based methods as classification and outlier to detect anomalies in new monitoring data. Experimental results demonstrate that the proposed algorithm can achieve the optimal number of clusters and well-separated clusters, as well as increase the detection rate and decrease the false positive rate at the same time when compared to some other well-known clustering algorithms. (c) 2014 Elsevier B.V. All rights reserved.
Pages: 1253 / 1269
Page count: 17