Title

A Dynamic Data Mining Technique For Intrusion Detection Systems

Keywords

Anomaly detection; Data mining; Data modeling; Decision tree; Intrusion Detection Systems; Signature detection

Abstract

In today's interconnected world of computer networks, there exists a need to provide secure and safe transactions through the use of firewalls, Intrusion Detection Systems (IDSs), encryption, authentication, and other hardware and software solutions. Many IDS variants exist which allow security managers and engineers to identify attack network packets primarily through the use of signature detection; i.e., the IDS "recognizes" attack packets due to their well-known "fingerprints" or signatures as those packets cross the network's gateway threshold. On the other hand, anomaly-based ID systems determine what is normal traffic within a network and report abnormal traffic behavior. We report the findings of our research in the area of anomaly-based intrusion detection systems using data-mining techniques described in section 3.3 to create a decision tree model of our network using the 1999 DARPA Intrusion Detection Evaluation data set. After the model was created, we gathered more data from our local campus network and ran the new data through the model. Copyright 2005 ACM.

Publication Date

12-1-2005

Publication Title

Proceedings of the Annual Southeast Conference

Volume

2

Number of Pages

2148-2153

Document Type

Article; Proceedings Paper

Personal Identifier

scopus

DOI Link

https://doi.org/10.1145/1167253.1167290

Scopus ID

77951136271 (Scopus)

Source API URL

https://api.elsevier.com/content/abstract/scopus_id/77951136271
