DocumentCode :
2299906
Title :
Analysis and Design for Intrusion Detection System Based on Data Mining
Author :
Zhao, Duanyang ; Xu, Qingxiang ; Feng, Zhilin
Author_Institution :
Zhijiang Coll., Zhejiang Univ. of Technol., Hangzhou, China
Volume :
2
fYear :
2010
fDate :
6-7 March 2010
Firstpage :
339
Lastpage :
342
Abstract :
Network and host Intrusion Detection Systems (IDS) have become a standard component in security infrastructures. Because intrusion behavior is variable, complicated, and uncertain, these systems face many problems in intrusion detection. Each approach has its strengths and weaknesses. A truly effective intrusion detection system will employ both technologies. We discuss the differences between host- and network-based intrusion detection techniques to demonstrate how the two can work together to provide additionally effective intrusion detection and protection. We propose a hybrid IDS that combines network and host IDS with anomaly and misuse detection modes, utilizes auditing programs to extract an extensive set of features that describe each network connection or host session, and applies data mining programs to learn rules that accurately capture the behavior of intrusions and normal activities.
Keywords :
data mining; feature extraction; security of data; uncertainty handling; auditing programs; data mining; feature extract; host IDS; hybrid IDS; intrusion detection system; misuse detection mode; network connection; network-based intrusion detection techniques; security infrastructures; uncertainty characteristic; Computer hacking; Computer science; Content addressable storage; Data mining; Data security; Educational institutions; Educational technology; Engines; Intrusion detection; System testing; analysis engine; apriori algorithm; data mining; hybrid ids; intrusion detection;
fLanguage :
English
Publisher :
IEEE
Conference_Titel :
Education Technology and Computer Science (ETCS), 2010 Second International Workshop on
Conference_Location :
Wuhan
Print_ISBN :
978-1-4244-6388-6
Electronic_ISBN :
978-1-4244-6389-3
Type :
conf
DOI :
10.1109/ETCS.2010.478
Filename :
5459845