Online Anomaly Detection Based on Support Vector Clustering
- DOI
- 10.1080/18756891.2015.1061393
- Keywords
- Online anomaly detection, support vector clustering, self-organizing map, quadratic programming
- Abstract
This paper develops a two-phase online anomaly detection method based on support vector clustering (SVC) for non-stationary data; the method allows arbitrarily shaped data clusters to be treated precisely. In the first step, offline learning is performed to obtain an appropriate detection model. The current model then evolves dynamically to match rapidly changing real-world data. To reduce the dimension of the quadratic programming (QP) problem that arises in SVC, a self-organizing map (SOM) and a replacement mechanism are used to summarize the incoming data. The proposed method can therefore be used efficiently and effectively in real-time applications. The performance of the proposed method is evaluated on a simulated dataset, three subsets extracted from the KDD Cup 99 dataset, and the keystroke dynamics dataset. The results illustrate the method's ability to detect new attacks as well as changes in normal patterns over time.
- Copyright
- © 2017, the Authors. Published by Atlantis Press.
- Open Access
- This is an open access article distributed under the CC BY-NC license (http://creativecommons.org/licenses/by-nc/4.0/).
Cite this article
TY - JOUR
AU - Mohammad Amin Adibi
AU - Jamal Shahrabi
PY - 2015
DA - 2015/08/01
TI - Online Anomaly Detection Based on Support Vector Clustering
JO - International Journal of Computational Intelligence Systems
SP - 735
EP - 746
VL - 8
IS - 4
SN - 1875-6883
UR - https://doi.org/10.1080/18756891.2015.1061393
DO - 10.1080/18756891.2015.1061393
ID - Adibi2015
ER -