OMC-IDS: At the Cross-Roads of OLAP Mining and Intrusion Detection

Due to the growing threat of network attacks, efficient detection and the assessment of network abuse are of paramount importance. In this respect, Intrusion Detection Systems (IDS) are intended to protect information systems against intrusions. However, IDS are plagued by several problems that slow down their development, such as low detection accuracy and a high false alarm rate. In this paper, we introduce a new IDS, called OMC-IDS, which integrates data mining techniques and On-Line Analytical Processing (OLAP) tools. The association of the two fields can be a powerful solution for dealing with the defects of IDS. Our experimental results show the effectiveness of our approach in comparison with other approaches in the same line of work.
