Title

High Performance Data Mining For Network Intrusion Detection

Keywords

Cluster computing; Data mining; Intrusion detection; Network security; Parallel processing

Abstract

Computer intrusion detection uses the audit data generated by computers to detect suspected intrusions as soon as possible, so that damage to the system can be reduced and appropriate action taken. There are two basic approaches: anomaly detection and misuse detection. Anomaly detection defines the correct behavior of the system and then detects abnormal behaviors. Misuse detection characterizes known intrusion patterns, generates explicit rules to describe them, and then monitors for those patterns as indications of an intrusion. However, these algorithms are computationally expensive, and the audit data are usually too large to be processed manually or searched heuristically for valuable information. We use a high performance data mining technique to discover hidden knowledge embedded in large volumes of data. We develop a parallel data mining model for intrusion detection using a parallel backpropagation neural network. We evaluate the performance of the developed model in terms of speedup, prediction rate, and false alarm rate. We also introduce the Computational Resiliency library (CRlib), a concurrent programming library we have been developing, to implement the proposed high performance data mining algorithms.

Publication Date

12-1-2004

Publication Title

Proceedings of the IASTED International Conference on Parallel and Distributed Computing and Systems

Volume

16

Number of Pages

632-637

Document Type

Article; Proceedings Paper

Personal Identifier

scopus

Scopus ID

11844291431 (Scopus)

Source API URL

https://api.elsevier.com/content/abstract/scopus_id/11844291431

This document is currently not available here.
