Mining Association Rules for Intrusion Detection

Intrusion detection systems have been a powerful weapon for protecting networks from attacks and have gained more and more attention. Data mining has proven to be an important method for detecting intrusions. Applying data mining techniques in intrusion detection systems to discover new types of attacks has been a recent research focus and trend, but it is still in its infancy. This paper reviews new developments in association rule mining technologies for intrusion detection in wired as well as wireless networks. The challenges and advanced developments in using association rule mining for intrusion detection are discussed.
