Title :
An efficient framework for intrusion detection based on data mining
Author :
Li, Weidong ; Zhang, Kejun ; Li, Boqun ; Yang, Bingru
Author_Institution :
Sch. of Inf. Eng., Univ. of Sci. & Technol. Beijing
Abstract :
A multi-layer intrusion detection framework is proposed in this paper. Compared with the traditional system, the framework draws on sources from all aspects of the host computer and the network, and calculates the connecting volume for each active connection, so only the suspicious connections are analyzed. More than 80% of packets are normal and don't need processing, so the influence on system speed is very small. All the information of the host computer is combined into a union, and the properties are expanded and enhanced for the data mining engine, so the mining process is efficient and accurate. Fuzzy mining can also be used in intrusion detection and in comparing rule sets. The framework provides abilities of detection, report and response. Experimental results show the rapidness and accuracy of the proposed framework.
Keywords :
data mining; fuzzy reasoning; knowledge based systems; security of data; computer network; data mining; fuzzy mining; host computer; multilayer intrusion detection; Association rules; Computer networks; Data engineering; Data mining; Data security; Databases; Decoding; Electronic mail; Intrusion detection; Joining processes;
Conference_Title :
Computational Intelligence Methods and Applications, 2005 ICSC Congress on
Conference_Location :
Istanbul
Print_ISBN :
1-4244-0020-1
DOI :
10.1109/CIMA.2005.1662306