论文信息 - Integrating Data Mining Techniques with Intrusion Detection Methods

Integrating Data Mining Techniques with Intrusion Detection Methods

Intrusion detection systems like NIDES depend on the ability to characterize a user's past behavior based on his/her usage patterns. The characterization is typically made in terms of statistics drawn on system parameters such as CPU, I/0 and network loads, and file access patterns. For example, NIDES main tains statistics on approximately 25 such parameters for each user. The cost of data collection, statistics computation, and intrusion detection are directly pro portional to the number of parameters maintained per user. If we would like to achieve real-time responses to intrusion detection, then we need to minimize the number of parameters without adversely affecting the detection capabilities. In this chapter, we propose to use some of the feature reduction and selection tech niques commonly used in data mining applications to reduce the computational and storage requirements of the intrusion detection methods. Since typically sev eral of the user behavioral parameters are correlated, applying these techniques may reduce the number of parameters needed to represent the user behavior.

Sushil Jajodia | Ravi Mukkamala | Jason Gagnon

[1] Tsau Young Lin,et al. Security and Data Mining , 1995, DBSec.

[2] Carla E. Brodley,et al. Applying classification algorithms in practice , 1997, Stat. Comput..

[3] Ramon E. Henkel. Tests of Significance , 1976 .

[4] Pieter Adriaans,et al. Data mining , 1996 .

[5] Gopal Kanji,et al. 100 Statistical Tests , 1994 .

[6] Ray Jain,et al. The art of computer systems performance analysis - techniques for experimental design, measurement, simulation, and modeling , 1991, Wiley professional computing.

[7] Harold S. Javitz,et al. The SRI IDES statistical anomaly detector , 1991, Proceedings. 1991 IEEE Computer Society Symposium on Research in Security and Privacy.

[8] Mike James,et al. Classification Algorithms , 1986, Encyclopedia of Machine Learning and Data Mining.

[9] Sholom M. Weiss,et al. Predictive data mining - a practical guide , 1997 .

[10] Casimir A. Kulikowski,et al. Computer Systems That Learn: Classification and Prediction Methods from Statistics, Neural Nets, Machine Learning and Expert Systems , 1990 .

[11] Sholom M. Weiss,et al. Rule-based Machine Learning Methods for Functional Prediction , 1995, J. Artif. Intell. Res..