Title :
Mining Network Traffic Efficiently to Detect Stepping-Stone Intrusion
Author :
Sheng, Yingjie ; Zhang, Yongzhong ; Yang, Jianhua
Author_Institution :
Dept. of Comput. Sci., Shanghai TV Univ., Shanghai, China
Abstract :
More and more intruders use stepping-stones to launch attacks on their targets, because exploiting stepping-stones can hide them deeply and make them feel safe. The Clustering-Partitioning approach was proposed to detect stepping-stone intrusion and resist intruders' evasion. The biggest issue with this approach is that it mines network traffic very inefficiently: doubling the mining dataset size quadruples the running time of the Clustering-Partitioning approach. In this paper, we propose a new approach, CDA, to generate the mining dataset and reduce its size. The analysis in this paper shows that applying CDA can reduce the running time of Clustering-Partitioning and make stepping-stone intrusion detection more efficient.
Keywords :
data mining; pattern clustering; security of data; telecommunication traffic; clustering-partitioning approach; intruder evasion resistance; network traffic mining; stepping-stone intrusion detection; Algorithm design and analysis; Approximation algorithms; Clustering algorithms; Computers; IP networks; Intrusion detection; Partitioning algorithms; Network security; intrusion detection; network traffic; stepping-stone;
Conference_Title :
Advanced Information Networking and Applications (AINA), 2012 IEEE 26th International Conference on
Conference_Location :
Fukuoka
Print_ISBN :
978-1-4673-0714-7
DOI :
10.1109/AINA.2012.16