Centroid-based nearest neighbor feature representation for e-government intrusion detection

Chih Fong Tsai, Jung Hsiang Tsai, Jui Sheng Chou

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

4 Scopus citations

Abstract

Accompanied by the invention of information and communication of technologies, e-government has become a prominent feature of modern governance in every country. The aims of e-government are to promote executive efficiencies, to reduce transaction costs of citizen, and to increase the responsiveness of the public sector. However, the requirement of pursuing these goals is based on the security measures of intrusion detection systems (IDS). If technologies are not advanced enough to distinguish between normal connections and illegal attacks, citizens would be doubtful in using the access of e-government to interact with the public sector and will eventually lose the trust of government. Technically, feature representation is an important key to successful pattern classification. However, very few studies focus on extracting better representative features of normal connections and attacks for better detection. Therefore, this paper proposes a novel feature representation approach by cluster centers and nearest neighbors, namely CANN. In this approach, two distances are measured and summed. The first one is based on the distance between each data sample and its cluster center, and the second distance is between the data and its nearest neighbor in the same cluster. Then, this new and one-dimensional distance based feature is used to represent each data sample for intrusion detection The experimental results based on the KDD-Cup 99 dataset show that CANN not only can make the k-nearest neighbor classifier perform reasonably well, but also provides high computational efficiency for the time of training and testing a classifier.

Original languageEnglish
Title of host publication2012 World Telecommunications Congress, WTC 2012
StatePublished - 2012
Event2012 World Telecommunications Congress, WTC 2012 - Miyazaki, Japan
Duration: 5 Mar 20126 Mar 2012

Publication series

Name2012 World Telecommunications Congress, WTC 2012

Conference

Conference2012 World Telecommunications Congress, WTC 2012
Country/TerritoryJapan
CityMiyazaki
Period5/03/126/03/12

Fingerprint

Dive into the research topics of 'Centroid-based nearest neighbor feature representation for e-government intrusion detection'. Together they form a unique fingerprint.

Cite this