Open Access Open Access  Restricted Access Subscription Access

Network Intrusion Detection Using Data Mining and Network Behaviour Analysis


Affiliations
1 Department of Information Systems, King Saud University, Riyadh, South Africa
 

Intrusion detection has become a critical component of network administration due to the vast number of attacks persistently threaten our computers. Traditional intrusion detection systems are limited and do not provide a complete solution for the problem. They search for potential malicious activities on network traffics; they sometimes succeed to find true security attacks and anomalies. However, in many cases, they fail to detect malicious behaviours (false negative) or they fire alarms when nothing wrong in the network (false positive). In addition, they require exhaustive manual processing and human expert interference. Applying Data Mining (DM) techniques on network traffic data is a promising solution that helps develop better intrusion detection systems. Moreover, Network Behaviour Analysis (NBA) is also an effective approach for intrusion detection. In this paper, we discuss DM and NBA approaches for network intrusion detection and suggest that a combination of both approaches has the potential to detect intrusions in networks more effectively.

Keywords

Network Intrusion Detection, Network Behavior Analysis, Data Mining Algorithms.
User
Notifications
Font Size

Abstract Views: 367

PDF Views: 210




  • Network Intrusion Detection Using Data Mining and Network Behaviour Analysis

Abstract Views: 367  |  PDF Views: 210

Authors

Ahmed Youssef
Department of Information Systems, King Saud University, Riyadh, South Africa
Ahmed Emam
Department of Information Systems, King Saud University, Riyadh, South Africa

Abstract


Intrusion detection has become a critical component of network administration due to the vast number of attacks persistently threaten our computers. Traditional intrusion detection systems are limited and do not provide a complete solution for the problem. They search for potential malicious activities on network traffics; they sometimes succeed to find true security attacks and anomalies. However, in many cases, they fail to detect malicious behaviours (false negative) or they fire alarms when nothing wrong in the network (false positive). In addition, they require exhaustive manual processing and human expert interference. Applying Data Mining (DM) techniques on network traffic data is a promising solution that helps develop better intrusion detection systems. Moreover, Network Behaviour Analysis (NBA) is also an effective approach for intrusion detection. In this paper, we discuss DM and NBA approaches for network intrusion detection and suggest that a combination of both approaches has the potential to detect intrusions in networks more effectively.

Keywords


Network Intrusion Detection, Network Behavior Analysis, Data Mining Algorithms.