Title :
Data mining for security applications: Mining concept-drifting data streams to detect peer to peer botnet traffic
Author :
Thuraisingham, Bhavani
Author_Institution :
Univ. of Texas at Dallas, Dallas, TX
Abstract :
The presentation first provides an overview of data mining for security applications and then discusses our research on the botnet problem, which follows from an important observation: network traffic (as well as botnet traffic) is a continuous data stream. Conventional data mining techniques are not directly applicable to stream data because of two vital problems associated with it: streams are potentially infinite in length, and they exhibit concept drift. We propose a technique that can efficiently handle both problems. Our main focus is to adapt three major data mining techniques (classification, clustering, and outlier detection) to handle stream data. Our preliminary study on the development of new stream classification techniques for P2P botnet detection has generated encouraging results. In addition to botnet detection, we also discuss our research on data mining for malicious code detection and intrusion detection.
Keywords :
data mining; pattern classification; pattern clustering; peer-to-peer computing; security of data; classification technique; clustering technique; concept-drifting data stream mining; data mining; intrusion detection; malicious code detection; network traffic; outlier detection technique; peer to peer botnet traffic; security applications; Application software; Computer crime; Computer industry; Computer science; Computer security; Data mining; Data security; Information security; Intrusion detection; Telecommunication traffic;
Conference_Title :
Intelligence and Security Informatics, 2008. ISI 2008. IEEE International Conference on
Conference_Location :
Taipei
Print_ISBN :
978-1-4244-2414-6
Electronic_ISBN :
978-1-4244-2415-3
DOI :
10.1109/ISI.2008.4565013