Title :
Intrusion discovery with data mining on Honeynet
Author :
Yin, Jian ; Zhang, Gang ; Chen, Yi-qun
Author_Institution :
Dept. of Comput. Sci., Zhongshan Univ., Guangzhou, China
Abstract :
In order to construct a secure network, attack and intrusion mode of intruders are analyzed for improving the capability of IDS and firewall systems. This paper presents a method for constructing a network intrusion and attack detection system on Honeynet, which is a true network that is constructed for the purpose of gathering information of intruders and attackers. Analyzing these data with data mining algorithm can work our attack modes, in this paper, we propose some method for mining patterns on various data from firewall records and log server in Honeynet, and the result can be in various forms such as associated rules of historic data or certain data structures required by IDS and firewall systems.
Keywords :
computer networks; data mining; security of data; Honeynet; data mining; firewall systems; log server; network attack detection system; network intrusion detection system; Abstracts; Computer science; Data analysis; Data mining; Electronic mail; Intrusion detection; Laboratories; Pattern analysis; Production; Productivity;
Conference_Titel :
Machine Learning and Cybernetics, 2003 International Conference on
Print_ISBN :
0-7803-8131-9
DOI :
10.1109/ICMLC.2003.1264439
