Network Intrusion Detection System (NIDS)

Author

Raghunath, B.R. ; Mahadeo, S.N.

fYear

2008

fDate

16-18 July 2008

Firstpage

1272

Lastpage

1277

Abstract

This paper introduces the network intrusion detection system (NIDS), which uses a suite of data mining techniques to automatically detect attacks against computer networks and systems. This paper focuses on two specific contributions: (i) an unsupervised anomaly detection technique that assigns a score to each network connection that reflects how anomalous the connection is, and (ii) an association pattern analysis based module that summarizes those network connections that are ranked highly anomalous by the anomaly detection module. Experimental results show that our anomaly detection techniques are successful in automatically detecting several intrusions that could not be identified using popular signature-based tools .Furthermore, given the very high volume of connections observed per unit time, association pattern based summarization of novel attacks is quite useful in enabling a security analyst to understand and characterize emerging threats.

Keywords

computer networks; digital signatures; NIDS; anomaly detection module; association pattern analysis; computer networks; network intrusion detection system; signature-based tools; unsupervised anomaly detection technique; Computer networks; Data engineering; Data mining; Detection algorithms; Educational institutions; Intrusion detection; Pattern analysis; Performance analysis; Telecommunication traffic; Testing; anomaly detection; association pattern analysis; network intrusion detection;

fLanguage

English

Publisher

ieee

Conference_Titel

Emerging Trends in Engineering and Technology, 2008. ICETET '08. First International Conference on

Conference_Location

Nagpur, Maharashtra

Print_ISBN

978-0-7695-3267-7

Electronic_ISBN

978-0-7695-3267-7

Type

conf

DOI

10.1109/ICETET.2008.252

Filename

4580100