• DocumentCode
    2133427
  • Title

    Entropy based intrusion detection

  • Author

    Yoshida, Kenichi

  • Author_Institution
    Graduate Sch. of Bus. Sci., Tsukuba Univ., Tokyo, Japan
  • Volume
    2
  • fYear
    2003
  • fDate
    28-30 Aug. 2003
  • Firstpage
    840
  • Abstract
    An intrusion detection system is an important component in protecting computer security. Most of the current commercially available intrusion detection systems use signature-based rules to detect attacks. A serious defect with this approach is that it only detects attacks that have been seen previously. It cannot detect newly encountered attacks. As a means to overcome this defect, various research has been undertaken using data mining to automatically detect newly encountered attacks. Our research follows this approach. However, we propose the use of an entropy based data mining method without using the APRIORI based data mining method which is commonly used in the previous research on intrusion detection. Because the results of APRIORI are noisy, post-processing of its results is necessary. However, the use of entropy alleviates this defect.
  • Keywords
    data mining; entropy; safety systems; attack automatic detection; computer security protection; data mining; entropy based intrusion detection; Association rules; Business; Computer networks; Computer security; Data mining; Engines; Entropy; Intrusion detection; Learning systems; Protection;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Communications, Computers and Signal Processing, 2003. PACRIM. 2003 IEEE Pacific Rim Conference on
  • Print_ISBN
    0-7803-7978-0
  • Type

    conf

  • DOI
    10.1109/PACRIM.2003.1235912
  • Filename
    1235912