Title :
Implementation of sequence patterns mining in network intrusion detection system
Author :
Xiang-Rong, Yang ; Qin-bao, Song ; Jun-Yi, Shen
Author_Institution :
Dept. of Comput. Sci. & Technol., Xi´´an Jiaotong Univ., China
Abstract :
In this paper we present a frequent sequence pattern mining-based algorithm used for network intrusion detection, which is an application and extension of the SPADE algorithm. It is based on the idea that much behavior on the network appears as sequences of activities, according to the sequence patterns we computed, we can construct the intrusion rule base and legal action rule base, then we can detect known and novel intrusion activities by rule matching. In addition, when the system is running, we use an incremental sequence pattern mining algorithm to complement the rule library in order to avoid re-executing the algorithm on the entire dataset, thereby reducing execution time. The experimental results indicate that this algorithm is efficient enough to meet the needs for active detection of intrusion. Compared with most existing methods used in commercial systems which are built using purely knowledge engineering approaches, our algorithm is more intelligent and adaptive
Keywords :
authorisation; computer network management; data mining; telecommunication security; SPADE algorithm; active detection; computer information security; incremental sequence pattern mining; intrusion rule base; legal action rule base; network intrusion detection; rule matching; Application software; Change detection algorithms; Computer networks; Computer science; Information security; Intrusion detection; Knowledge engineering; Law; Legal factors; Transaction databases;
Conference_Titel :
Info-tech and Info-net, 2001. Proceedings. ICII 2001 - Beijing. 2001 International Conferences on
Conference_Location :
Beijing
Print_ISBN :
0-7803-7010-4
DOI :
10.1109/ICII.2001.983488
