Title :
A New Method of Data Preprocessing for Network Security Situational Awareness
Author :
Lu, Aiping ; Li, Jianping ; Yang, Lin
Author_Institution :
Sch. of Comput. & Inf. Technol., Northeast Pet. Univ., Daqing, China
Abstract :
Network Security Situational Awareness(NSSA) has been a hot research in the network security domain.The amount of data from network attacks from Intrusion Detection System (IDS),and hosts´vulnerabilities and the hosts´states is very large.If we use the large amount of data as the NSSA elements directly,the algorithm of data processing must collapse or use a very long time. So in this paper,a method of data preprocessing for NSSA based on conditional random fields(CRFs) is proposed.This method takes advantages of the CRFs models which can stitch to sequence data marking and add random attributes.It uses varied connection information and its relativity in network connection information data sequence as well as the feature sets relativity to attack detection and discovery of abnormal phenomenon. It uses KDD Cup 1999 data sets as experimental data and comes to a conclusion that our proposed method is practicable,reliable and efficient.
Keywords :
computer network security; random processes; set theory; KDD Cup 1999 data sets; attack detection; conditional random field; data preprocessing; feature set relativity; intrusion detection system; network security situational awareness; random attribute; sequence data marking; Data models; Data preprocessing; Feature extraction; Hidden Markov models; Intrusion detection; Training data;
Conference_Titel :
Database Technology and Applications (DBTA), 2010 2nd International Workshop on
Conference_Location :
Wuhan
Print_ISBN :
978-1-4244-6975-8
Electronic_ISBN :
978-1-4244-6977-2
DOI :
10.1109/DBTA.2010.5659017
