论文信息 - A new intrusion detection method based on data-oriented classification of attacks

A new intrusion detection method based on data-oriented classification of attacks

The most acute problem for misuse detection method is its inability to detect new kinds of attacks. A new detection method based on data-oriented classification of attacks is proposed to solve this problem. After analyzing its significance, a practical scheme which uses relevant feature subset codes clustering is designed. Applying Concept Hierarchy Generation for attack Labels (CHGL), inductive learning algorithms can learn attack profiles on high concept levels. Experimental results show the advantage of this method.

Tao Zou | Hua Chen | Cui Zhang | Minhuan Huang

[1] Petra Perner,et al. Data Mining - Concepts and Techniques , 2002, Künstliche Intell..

[2] Vasant Honavar,et al. Automated discovery of concise predictive rules for intrusion detection , 2002, J. Syst. Softw..

[3] Anup K. Ghosh,et al. Detecting anomalous and unknown intrusions against programs , 1998, Proceedings 14th Annual Computer Security Applications Conference (Cat. No.98EX217).

[4] Salvatore J. Stolfo,et al. A data mining framework for building intrusion detection models , 1999, Proceedings of the 1999 IEEE Symposium on Security and Privacy (Cat. No.99CB36344).

[5] S. Jajodia,et al. Information Security: An Integrated Collection of Essays , 1994 .

[6] Vladimir N. Vapnik,et al. The Nature of Statistical Learning Theory , 2000, Statistics for Engineering and Information Science.

[7] Zhang Er-yang. Data Reduction in Network Based on the Intrusion Detection System , 2003 .

[8] Sandeep Kumar,et al. Classification and detection of computer intrusions , 1996 .

[9] Risto Miikkulainen,et al. Intrusion Detection with Neural Networks , 1997, NIPS.

[10] Roger R. Schell,et al. Essay 1 What Is There to Worry About ? An Introduction to the Computer Security Problem , 2006 .

[11] William W. Cohen. Fast Effective Rule Induction , 1995, ICML.

[12] Pla Uni,et al. A Novel Clustering-Based Method to Network Intrusion Detection , 2002 .