An intrusion detection method combined Rough Sets and data mining

Author

Changqing Chen ; Weimin Wu ; Heng Zhou ; Gang Shen

Author_Institution

Huazhong Univ. of Sci. & Technol., Wuhan, China

fYear

2011

fDate

27-29 June 2011

Firstpage

1091

Lastpage

1094

Abstract

In order to improve the detection efficiency of intrusion detection and reduce false alarm, an approach combined rough sets and data mining is proposed to enhance the traditional intrusion detection methods. First, collected data is classified and preprocessed by normalizing the value variables and discretely processing the nominal variables, an attribute reduction to the result set can be made based on Pawlak attribute weights Rough Set Algorithm with characteristics of the property up and down approximation set. According to attribute reduction, association rules can be generated which satisfy a certain degree of confidence, then imported into the rule set. Experiments show that the detection approach combined rough sets and data mining has improved the detection efficiency above 20%. The detection rate is almost linear with the number of intrusions.

Keywords

approximation theory; data mining; rough set theory; security of data; Pawlak attribute; approximation set; association rules; attribute reduction; data mining; intrusion detection method; rough set algorithm; Algorithm design and analysis; Data mining; Grippers; Intrusion detection; Rough sets; Stability analysis; Intrusion Detection; Pawlak attribute weights Rough Set; attribute reduction; data mining;

fLanguage

English

Publisher

ieee

Conference_Titel

Computer Science and Service System (CSSS), 2011 International Conference on

Conference_Location

Nanjing

Print_ISBN

978-1-4244-9762-1

Type

conf

DOI

10.1109/CSSS.2011.5974769

Filename

5974769