Title :
Data stream mining architecture for network intrusion detection
Author :
Chu, Nelson C N ; Williams, Adepele ; Alhajj, Reda ; Barker, Ken
Author_Institution :
Dept. of Comput. Sci., Calgary Univ., Alta., Canada
Abstract :
In this paper, we propose a stream mining architecture which is based on a single-pass approach. Our approach can be used to develop efficient, effective, and active intrusion detection mechanisms which satisfy the near real-time requirements of processing data streams on a network with minimal overhead. The key idea is that new patterns can now be detected on-the-fly. They are flagged as network attacks or labeled as normal traffic, based on the current network trend, thus reducing the false alarm rates prevalent in active network intrusion systems and increasing the low detection rate which characterizes passive approaches.
Keywords :
computer networks; data mining; security of data; telecommunication security; active network intrusion detection systems; data stream mining architecture; false alarm rates; network attacks; single-pass approach; Availability; Computer architecture; Computer networks; Computer science; Computerized monitoring; Data mining; Information resources; Intrusion detection; Telecommunication traffic; Telephony;
Conference_Title :
Information Reuse and Integration, 2004. IRI 2004. Proceedings of the 2004 IEEE International Conference on
Print_ISBN :
0-7803-8819-4
DOI :
10.1109/IRI.2004.1431488