Proceedings Paper

Data mining model and algorithm in IDS
Author(s): Tianshu Huang; Ping Xiong; Tianqing Zhu

Paper Abstract

In this paper, data mining technologies are used to analyze and extract features that can distinguish normal activities from intrusions. Based on the common model CIDF, we present an IDS framework with an embedded data mining module to improve the accuracy of the IDS. The three subsystems of the framework (the monitor system, the data process system and the decision-making system) are introduced in turn. Using experiments on mining network connection features, we present a decision-tree classification algorithm that uses a data set of network connection features as the training data set to build a decision tree. Treating system behaviors as new samples and testing their attributes against the decision tree can recognize anomalies and unknown intrusions accurately.

Paper Details

Date Published: 15 April 2004
PDF: 7 pages
Proc. SPIE 5282, Network Architectures, Management, and Applications (15 April 2004); doi: 10.1117/12.517378
Author Affiliations:
Tianshu Huang, Wuhan Univ. (China)
Ping Xiong, Wuhan Univ. (China)
Tianqing Zhu, Wuhan Univ. (China)

Published in SPIE Proceedings Vol. 5282:
Network Architectures, Management, and Applications
S. J. Ben Yoo; Kwok-wai Cheung; Yun-Chur Chung; Guangcheng Li, Editor(s)
