Data Mining Based Network Intrusion Detection System: A Survey

  • Conference paper
Novel Algorithms and Techniques in Telecommunications and Networking

Abstract

A significant security problem for networked systems is hostile trespass by users or software. The intruder is one of the most publicized threats to security. Network Intrusion Detection Systems (NIDS) have become a standard component in network security infrastructures. This paper presents the features of signature-based NIDS along with the current state of the art in data mining based NIDS approaches. Moreover, the paper provides general guidance on open research areas and future directions. The intention of this survey is to give the reader a broad overview of the work that has been done at the intersection of intrusion detection and data mining.

Corresponding author

Correspondence to Rasha G. Mohammed Helali.

Copyright information

© 2010 Springer Science+Business Media B.V.

About this paper

Cite this paper

Helali, R.G.M. (2010). Data Mining Based Network Intrusion Detection System: A Survey. In: Sobh, T., Elleithy, K., Mahmood, A. (eds) Novel Algorithms and Techniques in Telecommunications and Networking. Springer, Dordrecht. https://doi.org/10.1007/978-90-481-3662-9_86

  • DOI: https://doi.org/10.1007/978-90-481-3662-9_86

  • Publisher Name: Springer, Dordrecht

  • Print ISBN: 978-90-481-3661-2

  • Online ISBN: 978-90-481-3662-9

  • eBook Packages: Engineering, Engineering (R0)
