Book chapter Open access Peer reviewed

Integrating Data Mining Techniques with Intrusion Detection Methods

2000; Springer Science+Business Media; Language: English

10.1007/978-0-387-35508-5_3

ISSN

1868-422X

Authors

Ravi Mukkamala, Jason Gagnon, Sushil Jajodia

Topic(s)

Anomaly Detection Techniques and Applications

Abstract

Intrusion detection systems like NIDES depend on the ability to characterize a user’s past behavior based on his/her usage patterns. The characterization is typically made in terms of statistics drawn on system parameters such as CPU, I/O and network loads, and file access patterns. For example, NIDES maintains statistics on approximately 25 such parameters for each user. The costs of data collection, statistics computation, and intrusion detection are directly proportional to the number of parameters maintained per user. If we would like to achieve real-time responses to intrusion detection, then we need to minimize the number of parameters without adversely affecting the detection capabilities. In this chapter, we propose to use some of the feature reduction and selection techniques commonly used in data mining applications to reduce the computational and storage requirements of the intrusion detection methods. Since typically several of the user behavioral parameters are correlated, applying these techniques may reduce the number of parameters needed to represent the user behavior.
