Application of Local Outlier Factor Algorithm to Detect Anomalies in Computer Network

Juozas Auskalnis, Nerijus Paulauskas, Algirdas Baskys

Abstract


Gap between the new attack appearance and signature creation for this attack may be critical. During this time, many computer systems may be affected and valuable resources may be lost. Even after signature creation, many computer systems still stay vulnerable because of bad security practice, i.e. patches and updates are not installed as needed. Therefore, anomaly intrusion detection system (IDS) that is capable to detect new unknown attacks is valuable security tool. This paper analyses the use of Local Outlier Factor (LOF) to detect anomalies in the computer network. The application of the LOF algorithm for the detection of anomalies when only normal network data are used for the model training has been demonstrated. Experimental results of different threshold values influence on the anomaly detection accuracy using NSL-KDD dataset is presented.

DOI: http://dx.doi.org/10.5755/j01.eie.24.3.20972


Keywords


Intrusion detection; Anomaly detection; Local outlier factor.

Full Text: PDF

Refbacks

  • There are currently no refbacks.


Print ISSN: 1392-1215
Online ISSN: 2029-5731