论文信息 - The Use of Data Mining in the Implementation of a Network Intrusion Detection System

The Use of Data Mining in the Implementation of a Network Intrusion Detection System

This paper focuses on the domain of Network Intrusion Detection Systems, an area where the goal is to detect security violations by passively monitoring network traffic and raising an alarm when an attack occurs. But the problem is that new attacks are being deployed all the time. This particular system has been developed using a range of data mining techniques so as to automatically be able to classify network tracffic as normal or intrusive. Here we evaluate decision trees and their performance based on a large data set used in the 1999 KDD cup contest.

John Dunnion | John Sheppard | Joe Carthy

[1] Usama M. Fayyad,et al. Knowledge Discovery in Databases: An Overview , 1997, ILP.

[2] Margaret H. Dunham,et al. Data Mining: Introductory and Advanced Topics , 2002 .

[3] Kristopher Kendall,et al. A Database of Computer Attacks for the Evaluation of Intrusion Detection Systems , 1999 .

[4] Arthur B. Maccabe,et al. The architecture of a network level intrusion detection system , 1990 .

[5] Gregory Piatetsky-Shapiro,et al. The KDD process for extracting useful knowledge from volumes of data , 1996, CACM.

[6] William L. Fithen,et al. State of the Practice of Intrusion Detection Technologies , 2000 .

[7] Tim Bass,et al. Intrusion detection systems and multisensor data fusion , 2000, CACM.