Detection of DoS attack time interval sequences on network traffic

As the total amount of traffic data in networks has been growing at an alarming rate, a substantial body of research now attempts to mine traffic data to obtain useful information. Many intrusions are not composed of single events but of a series of attack steps in chronological order. Analyzing the order in which events occur can improve attack detection accuracy and reduce false alarms, because an intrusion is very often a multi-step process in which a number of events must occur sequentially in order to launch a successful attack. Sequential pattern mining algorithms are therefore applied to intrusion detection to mine the order correlations in time-sequenced data and so detect this kind of attack. Sequential pattern mining is an important data mining problem with broad applications. In this paper, we have implemented I-Apriori, a candidate generation algorithm, and I-PrefixSpan, a pattern growth algorithm, to detect time-interval denial of service (DoS) attack sequences in the network traffic data of the KDD Cup 1999 10 percent training dataset. KDD Cup is the annual Data Mining and Knowledge Discovery competition organized by the ACM Special Interest Group on Knowledge Discovery and Data Mining, the leading professional organization of data miners. The comparison study examines the number of patterns and the average length of patterns obtained by varying the time interval of the sequential patterns.
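To make the idea of a time-interval sequential pattern concrete, the following added example (not the paper's I-Apriori or I-PrefixSpan code) is a simplified pattern-growth miner that reports event sequences together with the binned time gap between consecutive events. The interval bins, the per-source grouping, and the sample timings are assumptions constructed for illustration; only the attack labels follow KDD Cup 1999 naming.

```python
from bisect import bisect_left
from collections import defaultdict

# Constructed sample: per-source connection events as (seconds, label) pairs.
# Labels borrow KDD Cup 1999 attack names; the timings are made up.
SEQUENCES = [
    [(0, "normal"), (1, "neptune"), (2, "neptune"), (9, "smurf")],
    [(0, "neptune"), (1, "neptune"), (8, "smurf"), (9, "normal")],
    [(0, "normal"), (3, "neptune"), (4, "neptune"), (30, "back")],
    [(0, "normal"), (5, "normal"), (6, "smurf")],
]
BOUNDS = [1, 5, 10]  # assumed bins: I0 <=1s, I1 (1,5]s, I2 (5,10]s, I3 >10s


def interval_bin(gap, bounds=BOUNDS):
    """Map a time gap in seconds to the index of its interval bin."""
    return bisect_left(bounds, gap)


def mine(seqs, min_support, bounds=BOUNDS):
    """Return {pattern: support}; a pattern is (item, 'I<k>', item, ...)."""
    found = {}

    def grow(pattern, ends):
        # ends: {sequence id: positions where an occurrence of pattern ends}
        found[pattern] = len(ends)
        ext = defaultdict(lambda: defaultdict(set))
        for sid, positions in ends.items():
            seq = seqs[sid]
            for p in positions:
                for q in range(p + 1, len(seq)):
                    k = interval_bin(seq[q][0] - seq[p][0], bounds)
                    ext[(f"I{k}", seq[q][1])][sid].add(q)
        for step, nxt in sorted(ext.items()):
            if len(nxt) >= min_support:  # support counts sequences, not hits
                grow(pattern + step, nxt)
    first = defaultdict(lambda: defaultdict(set))
    for sid, seq in enumerate(seqs):
        for pos, (_, item) in enumerate(seq):
            first[item][sid].add(pos)
    for item, ends in sorted(first.items()):
        if len(ends) >= min_support:
            grow((item,), ends)
    return found


if __name__ == "__main__":
    for pat, sup in sorted(mine(SEQUENCES, 2).items(), key=lambda x: -len(x[0])):
        print(sup, " ".join(pat))
```

Widening or narrowing the bins in `BOUNDS` changes how many patterns reach the support threshold and how long they grow, which is the kind of comparison the abstract describes.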
