A Framework for the Application of Association Rule Mining in Large Intrusion Detection Infrastructures

2006 ◽  
pp. 1-18 ◽  
Author(s):  
James J. Treinen ◽  
Ramakrishna Thurimella
Keyword(s):  
Intrusion Detection ◽  
Association Rule ◽  
Association Rule Mining ◽  
Rule Mining

Association Rule-Mining-Based Intrusion Detection System With Entropy-Based Feature Selection

2020 ◽  
pp. 1-24
Author(s):  
Devaraju Sellappan ◽  
Ramakrishnan Srinivasan
Keyword(s):  
Intrusion Detection ◽  
Association Rule ◽  
Intrusion Detection System ◽  
Association Rule Mining ◽  
Detection System ◽  
False Positive Rate ◽  
Rule Mining ◽  
Detection Rates ◽  
Mining Algorithm ◽  
Positive Rate

Intrusion detection system (IDSs) are important to industries and organizations to solve the problems of networks, and various classifiers are used to classify the activity as malicious or normal. Today, the security has become a decisive part of any industrial and organizational information system. This chapter demonstrates an association rule-mining algorithm for detecting various network intrusions. The KDD dataset is used for experimentation. There are three input features classified as basic features, content features, and traffic features. There are several attacks are present in the dataset which are classified into Denial of Service (DoS), Probe, Remote to Local (R2L), and User to Root (U2R). The proposed method gives significant improvement in the detection rates compared with other methods. Association rule mining algorithm is proposed to evaluate the KDD dataset and dynamic data to improve the efficiency, reduce the false positive rate (FPR) and provides less time for processing.

Cyber intrusion detection through association rule mining on multi-source logs

2020 ◽  
Author(s):  
Ping Lou ◽  
Guantong Lu ◽  
Xuemei Jiang ◽  
Zheng Xiao ◽  
Jiwei Hu ◽  
...  
Keyword(s):  
Intrusion Detection ◽  
Association Rule ◽  
Association Rule Mining ◽  
Rule Mining

Association Rule-Mining-Based Intrusion Detection System With Entropy-Based Feature Selection

2021 ◽  
pp. 183-206
Author(s):  
Devaraju Sellappan ◽  
Ramakrishnan Srinivasan
Keyword(s):  
Intrusion Detection ◽  
Association Rule ◽  
Intrusion Detection System ◽  
Association Rule Mining ◽  
Detection System ◽  
False Positive Rate ◽  
Rule Mining ◽  
Detection Rates ◽  
Mining Algorithm ◽  
Positive Rate

Intrusion detection system (IDSs) are important to industries and organizations to solve the problems of networks, and various classifiers are used to classify the activity as malicious or normal. Today, the security has become a decisive part of any industrial and organizational information system. This chapter demonstrates an association rule-mining algorithm for detecting various network intrusions. The KDD dataset is used for experimentation. There are three input features classified as basic features, content features, and traffic features. There are several attacks are present in the dataset which are classified into Denial of Service (DoS), Probe, Remote to Local (R2L), and User to Root (U2R). The proposed method gives significant improvement in the detection rates compared with other methods. Association rule mining algorithm is proposed to evaluate the KDD dataset and dynamic data to improve the efficiency, reduce the false positive rate (FPR) and provides less time for processing.

scholarly journals Association Rule Mining for Intrusion Detection System: A Survey

2019 ◽  
Vol 8 (1) ◽  
pp. 20-24
Author(s):  
D. Selvamani ◽  
V. Selvi
Keyword(s):  
Data Mining ◽  
Intrusion Detection ◽  
Association Rule ◽  
Association Rule Mining ◽  
Detection System ◽  
Market Basket Analysis ◽  
Rule Mining ◽  
Market Basket ◽  
Detection Systems ◽  
Large Sets

Many modern intrusion detection systems are based on data mining and database-centric architecture, where a number of data mining techniques have been found. Among the most popular techniques, association rule mining is one of the important topics in data mining research. This approach determines interesting relationships between large sets of data items. This technique was initially applied to the so-called market basket analysis, which aims at finding regularities in shopping behaviour of customers of supermarkets. In contrast to dataset for market basket analysis, which takes usually hundreds of attributes, network audit databases face tens of attributes. So the typical Apriori algorithm of association rule mining, which needs so many database scans, can be improved, dealing with such characteristics of transaction database. In this paper, a literature survey on the Association Rule Mining has carried out.

scholarly journals ASSOCIATION RULE MINING FOR KDD INTRUSION DETECTION DATA SET

2013 ◽  
pp. 138-142
Author(s):  
ASIM DAS ◽  
S. SIVA SATHYA
Keyword(s):  
Intrusion Detection ◽  
Association Rule ◽  
Association Rule Mining ◽  
Binary Data ◽  
Network Intrusion Detection ◽  
Rule Mining ◽  
Association Patterns ◽  
Data Set ◽  
Network Intrusion ◽  
Audit Data

Network intrusion detection includes a set of malicious actions that compromise the integrity, confidentiality and availability of information resources. Several techniques for mining rules from KDD intrusion detection dataset [10] enables to identify attacks in the network. But little research has been done to determine the association patterns that exist between the attributes in the dataset. This paper focuses on the association rule mining in KDD intrusion dataset. Since the dataset constitutes different kinds of data like binary, discrete & continuous data, same technique cannot be applied to determine the association patterns. Hence, this paper uses varying techniques for each type of data. The proposed method is used to generate attack rules that will detect the attacks in network audit data using anomaly detection. Rules are formed depending upon various attack types. For binary data, Apriori approach is used to eliminate the non-frequent item set from the rules and for discrete and continuous value the proposed techniques are used. The paper concludes with experimental results.

Sign in / Sign up

Export Citation Format

Share Document