Open AccessHIERARCHICAL CLUSTERING ALGORITHM FOR DETECTING ANOMALOUS PROFILES IN COMPUTER SYSTEMS
Author(s) -
Rachid Beghdad
Publication year - 2014
Publication title -
computing
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.184
H-Index - 11
eISSN - 2312-5381
pISSN - 1727-6209
DOI - 10.47839/ijc.7.3.526
Subject(s) - computer science , intrusion detection system , cluster analysis , data mining , hierarchy , robustness (evolution) , hierarchical clustering , unix , anomaly based intrusion detection system , anomaly detection , algorithm , machine learning , software , programming language , biochemistry , chemistry , economics , gene , market economy
We introduce a new intrusion detection method based on the Hierarchical Clustering Algorithm (HCA), to detect anomalous user’s profiles. In the Unix system, a simple user has only some privileges (can access to some resources), but the root user has more privileges. So, we can speak here about hierarchy of users. By the same way, we can use a hierarchy of users in intrusion detection field, to distinguish between the normal user and suspicious user. Many data mining methods were already used in previous works in intrusion detection. Even if some of them led to interesting results, but they still suffer from some weaknesses. This is the reason why we focused in this study on the use of the HCA to detect anomalous profiles. A survey of intrusion detection methods is presented. The HCA procedure is described in detail. Our simulation results demonstrate the robustness of our approach in comparison to some previous used methods.