
Data Mining in Intrusion Detection: A Comparative Study of Methods, Types and Data Sets

TLDR
A literature survey on intrusion detection systems shows that the KDD Cup dataset (42 %), the DARPA dataset (20 %) and other datasets (38 %) are used by researchers to test the effectiveness of their proposed methods for misuse detection, anomaly detection or both.
Abstract
In the era of information and communication technology, security is an important issue. A great deal of effort and funding is being invested in this sector. Intrusion detection is one of the most prominent fields in this area. Data mining can automate network intrusion detection with greater efficiency. This paper presents a literature survey on intrusion detection systems. The research papers covered in this survey were published from 2000 to 2012. Almost 67 % of the research papers focus on anomaly detection, 23 % on both anomaly and misuse detection, and 10 % on misuse detection. The survey statistics show that the KDD Cup dataset (42 %), the DARPA dataset (20 %) and other datasets (38 %) are used by researchers to test the effectiveness of their proposed methods for misuse detection, anomaly detection or both.


Citations

Intrusion detection and Big Heterogeneous Data: a Survey

TL;DR: Overall, both cyber threat analysis and cyber intelligence could be enhanced by correlating security events across many diverse heterogeneous sources, as well as presenting areas where more research opportunities exist.

Benchmarking of Machine Learning for Anomaly Based Intrusion Detection Systems in the CICIDS2017 Dataset

TL;DR: 10 popular supervised and unsupervised ML algorithms are applied to identify effective and efficient ML-AIDS for networks and computers, and the true positive and negative rates, accuracy, precision, recall, and F-Score of 31 ML-AIDS models are evaluated.

Host-Based Intrusion Detection System with System Calls: Review and Future Trends

TL;DR: A review of the development of system-call-based HIDS and future research trends is provided, namely, the reduction of the false-positive rate, the improvement of detection efficiency, and the enhancement of collaborative security.

A feature selection approach to find optimal feature subsets for the network intrusion detection system

TL;DR: An optimal feature selection algorithm is proposed based on a local search algorithm, one of the representative meta-heuristic algorithms for solving computationally hard optimization problems and exploited to measure the goodness of a feature subset as a cost function.

Fuzzy min-max neural network and particle swarm optimization based intrusion detection system

TL;DR: An intrusion detection system based on the fuzzy min-max neural network and particle swarm optimization is proposed; the results show that the proposed system performed well compared to the other systems.
References

A framework for constructing features and models for intrusion detection systems

TL;DR: A novel framework, MADAM ID, for Mining Audit Data for Automated Models for Intrusion Detection, which uses data mining algorithms to compute activity patterns from system audit data and extracts predictive features from the patterns.

Use of K-Nearest Neighbor classifier for intrusion detection (An earlier version of this paper is to appear in the Proceedings of the 11th USENIX Security Symposium, San Francisco, CA, August 2002.)

TL;DR: A new approach, based on the k-Nearest Neighbor (kNN) classifier, is used to classify program behavior as normal or intrusive, and seems to offer some computational advantages over those that seek to characterize program behavior with short sequences of system calls and generate individual program profiles.

A new approach to intrusion detection using Artificial Neural Networks and fuzzy clustering

TL;DR: Experimental results on the KDD CUP 1999 dataset show that the proposed new approach, FC-ANN, outperforms BPNN and other well-known methods such as decision trees and naive Bayes in terms of detection precision and detection stability.

An intelligent intrusion detection system (IDS) for anomaly and misuse detection in computer networks

TL;DR: The principal interest of this work is to benchmark the performance of the proposed hybrid IDS architecture using the KDD Cup 99 data set, the benchmark dataset used by IDS researchers.

Intrusion detection using naive bayes classifier with feature reduction

TL;DR: Empirical results show that the selected reduced attributes give better performance for designing an IDS that is efficient and effective for network intrusion detection.