An Anomaly Intrusion Detection System Based on Vector Quantization

Jun ZHENG  Mingzeng HU  

IEICE TRANSACTIONS on Information and Systems   Vol.E89-D   No.1   pp.201-210
Publication Date: 2006/01/01
Online ISSN: 1745-1361
DOI: 10.1093/ietisy/e89-d.1.201
Print ISSN: 0916-8532
Type of Manuscript: Special Section PAPER (Special Section on New Technologies and their Applications of the Internet III)
Category: Intrusion Detection
anomaly intrusion detection,  usage profile,  vector quantization,  codebook,  quantization error,  

Full Text: PDF(2.7MB)>>
Buy this Article

Machine learning and data mining algorithms are increasingly being used in the intrusion detection systems (IDS), but their performances are laggard to some extent especially applied in network based intrusion detection: the larger load of network traffic monitoring requires more efficient algorithm in practice. In this paper, we propose and design an anomaly intrusion detection (AID) system based on the vector quantization (VQ) which is widely used for data compression and high-dimension multimedia data index. The design procedure optimizes the performance of intrusion detection by jointly accounting for accurate usage profile modeling by the VQ codebook and fast similarity measures between feature vectors to reduce the computational cost. The former is just the key of getting high detection rate and the later is the footstone of guaranteeing efficiency and real-time style of intrusion detection. Experiment comparisons to other related researches show that the performance of intrusion detection is improved greatly.