Title :
Data mining for intrusion detection
Author :
Dihua, Liu ; Hongzhi, Wang ; Xiumei, Wang
Author_Institution :
Dept. of Comput., Jilin Inst. of Technol., Changchun, China
Abstract :
This paper presents an approach to detect intrusion based on a data mining framework. In the framework, intrusion detection is thought of as a classification. The central idea is to utilize auditing programs to extract an extensive set of features that describe each network connection or host session, and apply data mining programs to learn rules that accurately capture the behavior of intrusions and normal activities. These rules can then be used for misuse detection and anomaly detection. We provide the results from experiments in using classification on real world traffic data.
Keywords :
auditing; authorisation; data mining; feature extraction; pattern classification; telecommunication security; anomaly detection; auditing programs; classification; data mining; feature extraction; host session; intrusion detection; misuse detection; network connection; network security; real world traffic data; Computer network reliability; Computer networks; Data mining; Data security; Expert systems; Humans; Information security; Intrusion detection; Monitoring; Telecommunication traffic;
Conference_Title :
Info-tech and Info-net, 2001. Proceedings. ICII 2001 - Beijing. 2001 International Conferences on
Conference_Location :
Beijing
Print_ISBN :
0-7803-7010-4
DOI :
10.1109/ICII.2001.983486