R. Smith, N. Japkowicz, and M. Dondo (Canada)
Clustering, Autoassociator, Neural Networks, Correlation, IDS
An autoassociator is a feedforward neural network that has the same number of input and output units. The goal of the autoassociator is very simple; to reconstruct its input at the output layer. Despite their simplicity, autoassociators have previously been shown to be quite successful on the task of Novelty Detection applied to industrial and military domains. The purpose of this paper is to test their utility on the more general task of clustering. In particular, we apply a clustering version of the autoassociator to the domain of Network Event Correlation. The results suggest that autoassociators are in deed useful as clustering systems. They were able to success fully correlate similar types of network alerts and have the added advantage of being fast once trained, a crucial feature when used for Network Event Correlation.
Important Links:
Go Back
