Use of Data Mining in Enhancing IDS Based Security

An important problem in intrusion detection is how to effectively separate attack patterns from normal data patterns in a large volume of network data, and how to automatically generate intrusion rules from the raw network data once it has been collected. To accomplish this, various data mining techniques are used, such as classification, clustering, and association rule mining. Examples of data mining based misuse detection models for IDS are JAM (Java Agents for Meta-learning), MADAM ID (Mining Audit Data for Automated Models for Intrusion Detection), and Automated Discovery of Concise Predictive Rules for Intrusion Detection. Ant clustering is a novel data mining approach in which ants find the relevant information and place it into various clusters. Because several ants work in parallel, the processing speed of the system is high, so ant clustering is worth applying to large data sets. This paper proposes mining the data collected from the IDS to speed up intrusion detection, with automatic detection based on specific attributes of the intrusions. The phases of the proposed work include data collection, cleaning, clustering, detection, and an alarming system, among others.
