Data mining model and algorithm in IDS

Tianshu Huang; Ping Xiong; Tianqing Zhu

doi:10.1117/12.517378

15 April 2004 Data mining model and algorithm in IDS

Tianshu Huang, Ping Xiong, Tianqing Zhu

Proceedings Volume 5282, Network Architectures, Management, and Applications; (2004) https://doi.org/10.1117/12.517378
Event: Asia-Pacific Optical and Wireless Communications, 2003, Wuhan, China

Abstract

In this paper, data mining technologies are used to analyze and extract features that can distinguish normal activities from intrusions. Based on the common model CIDF, we present an IDS framework with an embedded data mining module to improve accuracy of IDS. Three subsystems (including monitor system, data process system and decision-making system) in the framework are introduced respectively. Using experiments on mining network connection features, we present a decision-tree classification algorithm, which uses data set of network connection features as training data set to build decision tree. Using system behaviors as new samples and testing their attributes on the decision tree can recognize anomalies and unknown intrusions accurately.

Citation Download Citation

Tianshu Huang, Ping Xiong, and Tianqing Zhu "Data mining model and algorithm in IDS", Proc. SPIE 5282, Network Architectures, Management, and Applications, (15 April 2004); https://doi.org/10.1117/12.517378

ACCESS THE FULL ARTICLE

INSTITUTIONAL
Select your institution to access the SPIE Digital Library.

SELECT YOUR INSTITUTION

PERSONAL
Sign in with your SPIE account to access your personal subscriptions or to use specific features such as save to my library, sign up for alerts, save searches, etc.

PERSONAL SIGN IN

No SPIE Account? Create one

PURCHASE THIS CONTENT

SUBSCRIBE TO DIGITAL LIBRARY

50 downloads per 1-year subscription

Members: $195

Non-members: $335 ADD TO CART

25 downloads per 1 - year subscription

Members: $145

Non-members: $250 ADD TO CART

PURCHASE SINGLE ARTICLE

Includes PDF, HTML & Video, when available