
Identifying Intrusion Patterns using a Decision Tree

International Journal of Computer Applications
© 2012 by IJCA Journal
Volume 45 - Number 9
Year of Publication: 2012
Authors:
Anusha Jayasimhan
Jayant Gadge
DOI: 10.5120/6806-9147

Anusha Jayasimhan and Jayant Gadge. Article: Identifying Intrusion Patterns using a Decision Tree. International Journal of Computer Applications 45(9):14-18, May 2012. Full text available.

BibTeX:

@article{key:article,
	author = {Anusha Jayasimhan and Jayant Gadge},
	title = {Article: Identifying Intrusion Patterns using a Decision Tree},
	journal = {International Journal of Computer Applications},
	year = {2012},
	volume = {45},
	number = {9},
	pages = {14-18},
	month = {May},
	note = {Full text available}
}

Abstract

Computer networks are usually vulnerable to attacks by any unauthorized person trying to misuse the resources. Hence they need to be protected against such attacks by Intrusion Detection Systems (IDS). Traditional prevention techniques such as user authentication, data encryption, avoidance of programming errors, and firewalls are used only as the first line of defense. But if a password is weak and is compromised, user authentication cannot prevent unauthorized use. Similarly, firewalls are vulnerable to errors in configuration and sometimes have ambiguous or undefined security policies. They fail to protect against malicious mobile code, insider attacks and unsecured modems. Therefore, intrusion detection is required as an additional wall for protecting systems. Many techniques have previously been used for the effective detection of intrusions. One of the major issues, however, is the accuracy of these systems. To improve accuracy, data mining programs are used to analyze audit data and extract features that can distinguish normal activities from intrusions. This paper shows the implementation of by viewing intrusion detection as a data mining problem. One of the most common data mining approaches, i.e. classification via decision trees, has been adopted to detect intrusion patterns.
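The abstract's idea of treating intrusion detection as classification via a decision tree, shown as an added example that is not code from the paper: an ID3-style learner (information gain over categorical features) trained on constructed connection records. The feature names, the records and the choice of ID3 are assumptions; the abstract does not say which tree algorithm or dataset the authors used.

```python
import math
from collections import Counter

# Constructed sample records (assumption, not the paper's data):
# protocol, connection flag, "many connections to same host recently", label
FEATURES = ("protocol", "flag", "high_count")
_RAW = [
    ("tcp", "SF", "no", "normal"), ("tcp", "SF", "no", "normal"),
    ("udp", "SF", "no", "normal"), ("tcp", "SF", "no", "normal"),
    ("tcp", "SF", "yes", "normal"), ("tcp", "S0", "yes", "attack"),
    ("tcp", "S0", "yes", "attack"), ("tcp", "REJ", "yes", "attack"),
    ("icmp", "SF", "yes", "attack"), ("tcp", "REJ", "no", "attack"),
]
RECORDS = [(dict(zip(FEATURES, r[:3])), r[3]) for r in _RAW]

def entropy(rows):
    """Shannon entropy of the class labels in rows."""
    counts = Counter(label for _, label in rows)
    return -sum(c / len(rows) * math.log2(c / len(rows)) for c in counts.values())

def info_gain(rows, feat):
    """Entropy reduction obtained by splitting rows on one feature."""
    values = Counter(rec[feat] for rec, _ in rows)
    remainder = sum(n / len(rows) * entropy([x for x in rows if x[0][feat] == v])
                    for v, n in values.items())
    return entropy(rows) - remainder

def build_tree(rows, feats):
    """Recursively pick the highest-gain feature; leaves are class labels."""
    labels = Counter(label for _, label in rows)
    majority = labels.most_common(1)[0][0]
    if len(labels) == 1 or not feats:
        return majority
    best = max(feats, key=lambda f: info_gain(rows, f))
    if info_gain(rows, best) <= 1e-12:      # no feature separates the classes
        return majority
    rest = [f for f in feats if f != best]
    branches = {v: build_tree([x for x in rows if x[0][best] == v], rest)
                for v in {rec[best] for rec, _ in rows}}
    return {"feature": best, "branches": branches, "default": majority}

def classify(tree, record):
    """Walk the tree; a feature value unseen in training falls back to the
    majority class at that node, which is a blind spot worth alerting on."""
    while isinstance(tree, dict):
        tree = tree["branches"].get(record[tree["feature"]], tree["default"])
    return tree

TREE = build_tree(RECORDS, list(FEATURES))
```

On these records the learned tree splits first on `flag` and then, for completed (`SF`) connections, on `protocol`, so each path from root to leaf reads as a detection rule.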
