Anomaly intrusion detection model using data mining techniques
Intrusion detection systems (IDSs) have become an important component of network infrastructure protection. There are two main techniques in intrusion detection: misuse detection and anomaly detection. While it is imperative for IDSs to be adaptive and extensible in today’s n...
Main Authors: | Abdullah, Abdul Hanan; Rusli, Rozana |
---|---|
Format: | Conference or Workshop Item |
Published: | 2006 |
Subjects: | QA Mathematics |
Online Access: | http://eprints.utm.my/id/eprint/24653/ http://comp.utm.my/pars/files/2013/04/ANOMALY-INTRUSION-DETECTION-MODEL-USING-DATA-MINING-TECHNIQUES.pdf |
Institution: | Universiti Teknologi Malaysia |
id |
my.utm.24653 |
---|---|
record_format |
eprints |
spelling |
my.utm.24653 2017-02-07T07:33:04Z http://eprints.utm.my/id/eprint/24653/ Anomaly intrusion detection model using data mining techniques Abdullah, Abdul Hanan Rusli, Rozana QA Mathematics 2006 Conference or Workshop Item PeerReviewed Abdullah, Abdul Hanan and Rusli, Rozana (2006) Anomaly intrusion detection model using data mining techniques. In: Proc. Postgraduate Annual Research Seminar 2006 (PARS 2006), 2006, UTM.
http://comp.utm.my/pars/files/2013/04/ANOMALY-INTRUSION-DETECTION-MODEL-USING-DATA-MINING-TECHNIQUES.pdf |
institution |
Universiti Teknologi Malaysia |
building |
UTM Library |
collection |
Institutional Repository |
continent |
Asia |
country |
Malaysia |
content_provider |
Universiti Teknologi Malaysia |
content_source |
UTM Institutional Repository |
url_provider |
http://eprints.utm.my/ |
topic |
QA Mathematics |
description |
Intrusion detection systems (IDSs) have become an important component of network infrastructure protection. There are two main techniques in intrusion detection: misuse detection and anomaly detection. While it is imperative for IDSs to be adaptive and extensible in today’s network computing environment, a more systematic and automated approach is required to build such systems. A data-centric point of view is taken, treating intrusion detection as a data analysis process to which data mining techniques can be applied. This research focuses on data mining techniques for anomaly-based intrusion detection systems. The key idea is to conduct a comparative study of several data mining techniques for analysing large intrusion detection data sets. Evaluations are done using unsupervised anomaly detection schemes on the DARPA’98 data sets and real network traffic. Unsupervised learning is used so that novel, previously unseen attacks can be detected, and because of the dynamic nature of attack characteristics. In addition, the evaluation identifies the accuracy in detecting different types of network intrusions, covering both time-based and content-based attacks. Detection performance is measured by detection accuracy and ROC (Receiver Operating Characteristic) curves. The results of this evaluation shall lead to a proposal for an anomaly intrusion detection model for an effective network intrusion detection system, based on the measurement criteria. |
format |
Conference or Workshop Item |
author |
Abdullah, Abdul Hanan Rusli, Rozana |
title |
Anomaly intrusion detection model using data mining techniques |
publishDate |
2006 |