Title :
A real-time architecture for NIDS based on sequence analysis
Author :
Qing-Hua Liu ; Feng Zhaoi ; Zhao, Feng
Author_Institution :
Sch. of Comput. Sci. & Technol., Huazhong Univ. of Sci. & Technol., Wuhan, China
Abstract :
Due to customers´ demands, network intrusion detection systems (NIDS) are required more real time. Since traditional intelligent NIDS are constructed on the basis of historical network data and system logs, they are expensive and not real time in a network stream environment. This paper presents an improved real time model that based on sequence mining to accelerate the accuracy and efficiency. In this paper, multidimensional item set is used to describes network events, sliding window is used to gather network data stream, and sequence mining algorithms are applied to discover intrusions from normal network stream. Analysis and study on this model indicate that it provide a more accurate and efficient way to building real-time NIDS.
Keywords :
computer networks; data mining; knowledge based systems; real-time systems; security of data; customer demands; data mining; historical network data; intelligent network intrusion detection systems; intrusion discovery; multidimensional item set; network data stream gathering; network events; network stream environment; real-time architecture; sequence analysis; sequence mining; sliding window; system logs; Data engineering; Data mining; Data security; Databases; Decision support systems; Intrusion detection; Multidimensional systems; Performance analysis; Real time systems; Windows; IDS; intrusion; real time; sequence; sliding window;
Conference_Titel :
Machine Learning and Cybernetics, 2005. Proceedings of 2005 International Conference on
Conference_Location :
Guangzhou, China
Print_ISBN :
0-7803-9091-1
DOI :
10.1109/ICMLC.2005.1527254
