Attack classification based on data mining technique and its application for reliable medical sensor communication

Hayoung Oh, Inshil Doh, Kijoon Chae

Research output: Contribution to journalArticlepeer-review

12 Scopus citations

Abstract

Detecting network intrusion has been not only important but also difficult in the network security research area. In Medical Sensor Network(MSN), network intrusion is critical because the data delivered through network is directly related to patients' lives. Traditional supervised learning techniques are not appropriate to detect anomalous behaviors and new attacks because of temporal changes in network intrusion patterns and characteristics in MSN. Therefore, unsupervised learning techniques such as SOM (Self-Organizing Map) are more appropriate for anomaly detection. In this paper, we propose a real-time intrusion detection system based on SOM that groups similar data and visualize their clusters. Our system labels the map produced by SOM using correlations between features. We experiments our system with KDD Cup 1999 data set because MSN data is not available yet. Our system yields the reasonable misclassification rates and takes 0.5 seconds to decide whether a behavior is normal or attack.

Original languageEnglish
Pages (from-to)20-32
Number of pages13
JournalInternational Journal of Computer Science and Applications
Volume6
Issue number3
StatePublished - Jun 2009

Keywords

  • Correlations
  • Countermeasures
  • Medical sensor network
  • Network security
  • Real time intrusion detection system
  • Supervised learning
  • Unsupervised learning

Fingerprint

Dive into the research topics of 'Attack classification based on data mining technique and its application for reliable medical sensor communication'. Together they form a unique fingerprint.

Cite this