Construction of Adaptive IDS Through IREP++ and ARM

  • Conference paper

Part of the book series: Lecture Notes in Computer Science ((LNTCS,volume 4308))

Abstract

Many current IDSs are constructed by manually encoding expert knowledge, so changes to an IDS are expensive and slow. In this paper, we describe adaptively building Intrusion Detection (ID) models. The central idea is to use auditing programs to extract an extensive set of features that describe each network connection or host session, and to apply data mining programs to learn rules that accurately capture the behavior of intrusions and of normal activities. We used an efficient rule-generation algorithm, IREP++, which produces rule sets more quickly and often expresses the target concept with fewer rules and fewer literals per rule, resulting in a concept description that is easier for humans to understand. A new data structure (T-tree) for Association Rule Mining (ARM) is described.

Copyright information

© 2006 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Raju S., R., Rao, S. (2006). Construction of Adaptive IDS Through IREP++ and ARM. In: Chaudhuri, S., Das, S.R., Paul, H.S., Tirthapura, S. (eds) Distributed Computing and Networking. ICDCN 2006. Lecture Notes in Computer Science, vol 4308. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11947950_14

  • DOI: https://doi.org/10.1007/11947950_14

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-68139-7

  • Online ISBN: 978-3-540-68140-3
