Title :
An efficient data structure for storing network intrusion detection dataset
Author :
Hubballi, Neminath ; Biswas, Santosh ; Nandi, Sukumar
Author_Institution :
Dept. of CSE, IIT Guwahati, Guwahati
Abstract :
Network based intrusion detection (NID) involves collection of raw packets from network and analyzing them for anomalous content. This deals with careful collection of required features from the header and payloads of packet. Data mining is one of the most popular technique to mine NID database. Most of the mining algorithms require multiple scans of database which increases the I/O operations and thus consume time. To cater this, data abstraction is used which reduces the memory requirement and scan time of database. In this paper we propose a novel data structure called Prefix Runlength tree (PR-Tree) for efficiently storing NID dataset. We used KDD 99 evaluation dataset for our experimentation and results are promising.
Keywords :
abstract data types; data mining; security of data; I/O operations; KDD 99 evaluation dataset; Prefix Runlength tree; data abstraction; data mining; data structure; network intrusion detection; payloads; raw packets; Clustering algorithms; Data mining; Data structures; Feature extraction; Image databases; Intrusion detection; Payloads; Spatial databases; Transaction databases; Tree data structures; data mining; intrusion detection;
Conference_Titel :
Advanced Networks and Telecommunication Systems, 2008. ANTS '08. 2nd International Symposium on
Conference_Location :
Mumbai
Print_ISBN :
978-1-4244-3600-2
Electronic_ISBN :
978-1-4244-3601-9
DOI :
10.1109/ANTS.2008.4937805
