We present a PCA-LVQ model and a balanced-training method for efficient intrusion alert analysis. For the connection records in the 1999 DARPA intrusion dataset, we firstly get a dimension-reduced dataset through Principal Component Analysis (PCA). Then, we use the Learning Vector Quantization (LVQ) neural network to perform intrusion alert clustering on the purified intrusion dataset. The experiment results show that the PCA-LVQ model and the balanced-training method are effective: the time costs can be shortened about by three times, and the accuracy of detection can be elevated to a higher level, especially for the U2R and R2L alerts. © Springer-Verlag Berlin Heidelberg 2006.
CITATION STYLE
Wang, J. X., Wang, Z. Y., & Dai, K. (2006). A PCA-LVQ model for intrusion alert analysis. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 3975 LNCS, pp. 715–716). Springer Verlag. https://doi.org/10.1007/11760146_102
Mendeley helps you to discover research relevant for your work.