@inproceedings{2dc258c5eaae4c15bd7a2a5bb034576f,
title = "Usage behavior profiling for anomaly detection using vector quantization",
abstract = "In network security community, anomaly detection is the research center as one of the important intrusion detection approaches. Constructing the usage behavior profile is the first important step in anomaly detection. In this paper, using the self-organizing maps (SOM), we propose to design the vector quantization (VQ) framework to build usage profile for anomaly detection. After the feature attribute extraction, the network traffic flow is translated into the feature vector style. And then, the network traffic usage behavior profile can be represented by the VQ codebook from which the behaviour deviation can be measured quantitatively. Via the intrusion detection benchmark data of {"}DARPA Intrusion Detection Evaluation{"} in experiments, it is shown that the network attacks are detected with high detection rates and low false alarms.",
keywords = "Anomaly detection, Codebook, Self-organizing map, Usage behavior profile, Vector quantization",
author = "Jun Zheng and Mingzeng Hu and Hongli Zhang",
year = "2005",
language = "英语",
isbn = "0889864934",
series = "Proceedings of the IASTED International Conference on Communication Systems and Applications, as part of the Fifth IASTED Int. Multi-Conference on Wireless and Optical Communications, CSA 2005",
pages = "107--112",
editor = "A.O. Fapojuwo",
booktitle = "Proceedings of the IASTED International Conference on Communication Systems and Applications, as part of the Fifth IASTED Int. Multi-Conference on Wireless and Optical Communications, CSA 2005",
note = "IASTED International Conference on Communication Systems and Applications, as part of the Fifth IASTED International Multi-Conference on Wireless and Optical Communications, CSA 2005 ; Conference date: 19-07-2005 Through 21-07-2005",
}