This paper introduces the combined fuzzy-based approaches to detect the anomalous network traffic such as DoS/DDoS or probing attacks, which include Adaptive Neuro-Fuzzy Inference System (ANFIS) and Fuzzy C-Means (FCM) clustering. The basic idea of the algorithm is: at first using ANFIS the original multi-dimensional (M-D) feature space of network connections is transformed to a compact one-dimensional (1-D) feature space, secondly FCM clustering is used to classify the 1-D feature space into the anomalous and the normal. PCA is also used for dimensional reduction of the original feature space during feature extraction. This algorithm combines the advantages of high accuracy in supervised learning technique and high speed in unsupervised learning technique. A publicly available DRAPA/KDD99 dataset is used to demonstrate the approaches and the results show their accuracy in detecting anomalies of the network connections. © Springer-Verlag Berlin Heidelberg 2005.
CITATION STYLE
He, H. T., Luo, X. N., & Liu, B. L. (2005). Detecting anomalous network traffic with combined fuzzy-based approaches. In Lecture Notes in Computer Science (Vol. 3645, pp. 433–442). Springer Verlag. https://doi.org/10.1007/11538356_45
Mendeley helps you to discover research relevant for your work.