Skip to main content
SpringerLink
Log in

A Regression Method to Compare Network Data and Modeling Data Using Generalized Additive Model

  • Conference paper
Information Security Applications (WISA 2008)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 5379))

Included in the following conference series:

  • 756 Accesses

Abstract

This paper suggests a method to check whether the real network dataset and modeling dataset for real network has statistically similar characteristics. The method we adopt in this paper is a Generalized Additive Model. By using this method, we show how similar the MIT/LL Dataset and the KDD CUP 99’ Dataset are regarding their characteristics. It provided reasonable outcome for us to confirm that MIT/LL Dataset and KDD Cup Dataset are not statistically similar.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Aguirre, S.J., Hill, W.H.: Intrusion Detection Fly-Off: Implications for the United States Navy, MITRE Technical Report 97W0000096 (1997)

    Google Scholar 

  2. Puketza, N., Chung, M., Olsson, R.A., Mukherjee, B.: A software platform for testing intrusion detection systems. IEEE Software 14, 43–51 (1997)

    Article  Google Scholar 

  3. Haines, J.W., Laboratory, L.: 1999 DARPA intrusion detection evaluation: design and procedures, Massachusetts Institute of Technology, Lincoln Laboratory, Lexington, Mass (2001)

    Google Scholar 

  4. Lippmann, R., Haines, J., Fried, D.J., Korba, J., Das, K.: Analysis and Results of the 1999 DARPA Off-Line Intrusion Detection Evaluation. In: Debar, H., Mé, L., Wu, S.F. (eds.) RAID 2000. LNCS, vol. 1907, pp. 162–182. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  5. Lippmann, R., Haines, J.W., Fried, D.J., Korba, J., Das, K.: The 1999 DARPA off-line intrusion detection evaluation. Computer Networks 34, 579–595 (2000)

    Article  Google Scholar 

  6. Lippmann, R.P., Fried, D.J., Graf, I., Haines, J.W., Kendall, K.R., McClung, D., Weber, D., Webster, S.E., Wyschogrod, D., Cunningham, R.K.: Evaluating intrusion detection systems: the 1998 DARPA off-lineintrusion detection evaluation. In: DARPA Information Survivability Conference and Exposition 2 (2000)

    Google Scholar 

  7. Durst, R., Champion, T., Witten, B., Miller, E., Spagnuolo, L.: Testing and evaluating computer intrusion detection systems. Communications of the ACM 42, 53–61 (1999)

    Article  Google Scholar 

  8. Mueller, P., Shipley, G.: Dragon claws its way to the top. Network Computing 20, 45–67 (2001)

    Google Scholar 

  9. Wood, S.N.: The mgcv Package (2007), http://cran.r-project.org/doc/packages/mgcv.pdf

  10. Faraway, J.J.: Linear Models With R. CRC Press, Boca Raton (2005)

    MATH  Google Scholar 

  11. Hastie, T., Tibshirani, R.: Generalized Additive Models. Statistical Science 1, 297–310 (1986)

    Article  MathSciNet  MATH  Google Scholar 

  12. Hastie, T., Tibshirani, R.: Generalized Additive Models: Some Applications. Journal of the American Statistical Association 82, 371–386 (1987)

    Article  MATH  Google Scholar 

  13. Hastie, T., Tibshirani, R.: Generalized additive models. Chapman and Hall/CRC, Boca Raton (1990)

    MATH  Google Scholar 

  14. Wood, S.N.: Generalized additive models: an introduction with R. Chapman and Hall/CRC, Boca Raton (2006)

    MATH  Google Scholar 

  15. Xiang, D.: Fitting Generalized Additive Models with the GAM Procedure, SAS Institute Paper P 256 (2001)

    Google Scholar 

  16. Stolfo, S.: KDD-CUP-99 Task Description, http://kdd.ics.uci.edu/databases/kddcup99/task.html

  17. Elkan, C.: Results of the KDD 1999 classifier learning. ACM SIGKDD Explorations Newsletter 1, 63–64 (2000)

    Article  Google Scholar 

  18. Chatterjee, S., Hadi, A.S.: Regression Analysis by Example, 4th edn. Wiley-Interscience, Hoboken (2006)

    Book  MATH  Google Scholar 

  19. Tanenbaum, A.S.: Computer Networks. Prentice Hall PTR, Englewood Cliffs (2002)

    MATH  Google Scholar 

  20. Stevens, W.R.: TCP/IP Illustrated, vol. I. Addison-Wesley Publishing Company, Reading (1995)

    MATH  Google Scholar 

  21. Kurose, J.F., Ross, K.W.: Computer networking: a top-down approach featuring the Internet. Pearson/Addison Wesley, Boston (2005)

    Google Scholar 

  22. Weisstein, E.W.: Gamma Distribution,WolframMathWorld (2005), http://mathworld.wolfram.com/GammaDistribution.html

  23. Jin, S., Yeung, D.S.: A covariance analysis model for DDoS attack detection. In: 2004 IEEE International Conference on Communications, vol. 4, pp. 1882–1886 (2004)

    Google Scholar 

  24. Seo, J., Lee, C., Shon, T., Moon, J.: SVM approach with CTNT to detect DDoS attacks in grid computing. In: Zhuge, H., Fox, G.C. (eds.) GCC 2005. LNCS, vol. 3795, pp. 59–70. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  25. Chen, Z., Gao, L., Kwiat, K.: Modeling the spread of active worms. In: INFOCOM 2003. Twenty-Second Annual Joint Conference of the IEEE Computer and Communications Societies, vol. 3, pp. 1890–1900. IEEE, Los Alamitos (2003)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. The Attached Institute of ETRI, Daejeon, Republic of Korea

    Sooyoung Chae

  2. Center for Information Security Technologies (CIST), Korea University, Seoul, Republic of Korea

    Hosub Lee, Jaeik Cho, Manhyun Jung, Jongin Lim & Jongsub Moon

Authors
  1. Sooyoung Chae
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Hosub Lee
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Jaeik Cho
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Manhyun Jung
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Jongin Lim
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Jongsub Moon
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Information Security Research Division, Electronics and Telecommunications Research Institute (ETRI), 161 Gajeong Dong, YuseongGu, 305-700, Daejeon, Korea

    Kyo-Il Chung

  2. The Attached Institute of Electronics and Telecommunications Research Institute (ETRI), 1 Yuseong-Post, 305-702, Daejeon, Korea

    Kiwook Sohn

  3. Computer Science Department, Google Inc. and Columbia University, 1214 Amsterdam Avenue, NY 10027, New York, USA

    Moti Yung

Rights and permissions

Reprints and permissions

Copyright information

© 2009 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Chae, S., Lee, H., Cho, J., Jung, M., Lim, J., Moon, J. (2009). A Regression Method to Compare Network Data and Modeling Data Using Generalized Additive Model. In: Chung, KI., Sohn, K., Yung, M. (eds) Information Security Applications. WISA 2008. Lecture Notes in Computer Science, vol 5379. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-00306-6_14

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-00306-6_14

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-00305-9

  • Online ISBN: 978-3-642-00306-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation