Open Access
Subscription Access
Open Access
Subscription Access
A Systematic Framework for Analyzing Audit Data and Constructing Network ID Models
Subscribe/Renew Journal
Intrusion detection system (IDSs) plays a vital role in the infrastructure protection mechanisms and these systems have to be accurate, adaptive and extensible. As the requirements and the complexities of today‟s network environment is becoming more and more, we need a more adaptive framework and automated IDS development process. This article describes a systematic data mining framework for constructing intrusion detection models. We propose to use the association rules and frequent episodes collected from audit data and to use these as basis for guiding the audit data gathering and feature selection processes. Our experiments on DARPA training audit data of network transmission activities showed that classification models can detect intrusions automatically in a more accurate way. We modify the two basic algorithms to use axis attribute(s) and variable attribute(s) to compute the relevant patterns. We use meta-learning as a mechanism to make IDs models more effective and adaptive. We report our experiment‟s results in using our framework on real-world audit data.
Keywords
Intrusion Detection, Classification, Audit Data, Association Rules, Frequent Episodes.
User
Subscription
Login to verify subscription
Font Size
Information
Abstract Views: 239
PDF Views: 3