An unsupervised method for intrusion detection using spectral clustering

  • Gujral S
  • Ortiz E
  • Syrmos V
  • 1


    Mendeley users who have this article in their library.
  • N/A


    Citations of this article.


In this paper we present an unsupervised approach for
intrusion detection based on spectral
clustering (SC). Recently spectral
clustering has gained wider application
because of its promising results on several challenging clustering
problems [1]. SC uses spectral graph
theory to form a Laplacian matrix where
the first k eigenvectors of this matrix are clustered
using k-means to form representative clusters.
The representative clusters are labeled
normal or anomalous according to an assignment heuristic. We have
provided different techniques to detect
intrusions (or anomalies) which are scattered uniformly and
form small clusters of anomalous data.
To improve the clustering results, the
scattered anomalies are detected and
removed before representative clusters
are formed using SC. For evaluation,
a synthetic and real data set (KDD Cup
1999) are used and our results show
that the application of SC is a promising approach to the development
of an intrusion detection system. From the experiments we demonstrate
that the application of SC yields a detection rate (DR) in the range
of 91%-100% with the false positive rate (FPR) being less than 4.5%.

Get free article suggestions today

Mendeley saves you time finding and organizing research

Sign up here
Already have an account ?Sign in


  • S Gujral

  • E Ortiz

  • V L Syrmos

Cite this document

Choose a citation style from the tabs below

Save time finding and organizing research with Mendeley

Sign up for free