A novel adaptive intrusion detection system based on data mining

Author

Yu, Zhi-Xin ; Chen, Jing-Ran ; Zhu, Tian-Qing

Author_Institution

Sch. of Electron. & Inf., Wuhan Univ., China

Volume

4

fYear

2005

fDate

18-21 Aug. 2005

Firstpage

2390

Abstract

A data mining based adaptive intrusion detection model (DMAIDM) is presented in this paper. The DMAIDM applies a fast heuristic clustering algorithm for mixed data (FHCAM) to distinguish intrusions from legal behaviors efficiently and an attribute-constrained based fuzzy mining algorithm (ACFMA) to construct intrusion pattern-database automatically. Verification tests are carried out by using the 10% subset of KDD Cup 1999 data set, the average detection rate is 71.67% and the average false detection rate is 0.92%. And the detection rate increases from 65.25% (the second subset) to 85.7% (the ninth subset) adaptively. The experimental results reveal that the DMAIDM is successful in terms of not only accuracy but also efficiency in networks intrusion detection.

Keywords

data mining; pattern clustering; security of data; KDD Cup 1999 data set; adaptive intrusion detection system; attribute-constrained based fuzzy mining algorithm; data mining; heuristic clustering algorithm; intrusion pattern-database; verification tests; Adaptive systems; Clustering algorithms; Data mining; Data security; Heuristic algorithms; Intrusion detection; Law; Legal factors; Pattern matching; Transaction databases; Data Mining; Fuzzy Mining; Intrusion Detection; Partition-based Clustering;

fLanguage

English

Publisher

ieee

Conference_Titel

Machine Learning and Cybernetics, 2005. Proceedings of 2005 International Conference on

Conference_Location

Guangzhou, China

Print_ISBN

0-7803-9091-1

Type

conf

DOI

10.1109/ICMLC.2005.1527344

Filename

1527344