Title :
Architecture-Centric Network Behavior Model Generation for Detecting Internet Worms
Author :
Paek, Seung-Hyun ; Sohn, KiWook
Author_Institution :
Nat. Security Technol. Inst., Daejeon
Abstract :
Data mining techniques have been popular in the research area of intrusion detections. However, most researches have mainly focused on the intrusion detection in the view of model generation techniques, but not in the view of system architectures. In this paper, we propose the architecture of network-intrusion detection model generation system. Our architecture creates candidate models by various data mining techniques and one new technique (sC4.5) for the network behavior data set and then elects the best appropriate model according to user requirements after evaluating candidate models. We also present sC4.5 as a decision tree classification algorithm by complimenting existing C4.5 algorithm. sC4.5 preserves classification accuracy like C4.5 and makes the decision tree smaller than C4.5.
Keywords :
Internet; data mining; decision trees; security of data; Internet worms; architecture-centric network behavior model generation; data mining techniques; decision tree classification algorithm; intrusion detections; sC4.5; system architectures; Classification algorithms; Classification tree analysis; Data mining; Data security; Decision trees; IP networks; Intelligent networks; Intrusion detection; Pervasive computing; Support vector machines;
Conference_Titel :
Intelligent Pervasive Computing, 2007. IPC. The 2007 International Conference on
Conference_Location :
Jeju City
Print_ISBN :
978-0-7695-3006-2
DOI :
10.1109/IPC.2007.58
