Developing Custom Intrusion Detection Filters Using Data Mining
Authors
Abstract
One aspect of constructing secure networks is identifying unauthorized use of those networks. Intrusion detection systems look for unusual or suspicious activity, such as patterns of network traffic that are likely indicators of unauthorized activity. However, normal operation often produces traffic that matches likely “attack signatures”, resulting in false alarms. We are using data mining techniques to identify sequences of alarms that likely result from normal behavior, enabling construction of filters to eliminate those alarms. This can be done at low cost for specific environments, enabling the construction of customized intrusion detection filters. We present our approach, and preliminary results identifying common sequences in alarms from a particular environment.
Similar resources
Developing custom intrusion detection filters using data mining - MILCOM 2000. 21st Century Military Communications Conference Proceedings
One aspect of constructing secure networks is identifying unauthorized use of those networks. Intrusion detection systems look for unusual or suspicious activity, such as patterns of network traffic that are likely indicators of unauthorized activity. However, normal operation often produces traffic that matches likely “attack signatures”, resulting in false alarms. We are using data mining techni...
Data Mining Techniques For Intrusion Detection System
Reddy et al (20) also presented a survey of various data mining techniques for intrusion detection system. Subramanian et al (21) presented the performance. Developing a Hybrid Intrusion Detection System Using Data Mining for A data mining technique called common path mining is used to automatically. The proposed hybrid technique combines data mining approaches like K Novel intrusion detection ...
Comparative Study of Data Mining and Machine Learning Approach for Anomaly Detection
Intrusion detection systems (IDSs) have attracted more researchers over the last two decades. Much work has been done on IDS, but some problems remain unsolved, such as false positive rate and detection accuracy. Various approaches are used in developing IDS; some of these are data mining, machine learning, statistic-based, and rule-based approaches. In this paper, we ...
Investigation of Feature Selection and Ensemble Methods for Performance Improvement of Intrusion Attack Classification
The security of a computer system is compromised when an intrusion takes place. The popularization of shared networks and Internet usage demands increased attention on information system security. The importance of intrusion detection systems (IDS) in computer network security is well proven. A data mining approach can play a very important role in developing an intrusion detection system. Classification is i...
Fuzzy Data Mining and Genetic Algorithms Applied to Intrusion Detection
We are developing a prototype intelligent intrusion detection system (IIDS) to demonstrate the effectiveness of data mining techniques that utilize fuzzy logic and genetic algorithms. This system combines both anomaly based intrusion detection using fuzzy data mining techniques and misuse detection using traditional rule-based expert system techniques. The anomaly-based components are developed...
Journal title:
Volume, issue
Pages -
Publication date 2000