A DATA COLLECTION MODEL FOR INTRUSION DETECTION SYSTEM BASED ON SIMPLE RANDOM SAMPLING

  • Liang Hu
  • Kuo Zhao
  • Bo Li

Abstract

Data collection mechanism is the crucial factor that affects the performance of intrusion detection system (IDS). Simple random sampling technique of statistics is introduced to the procedure of data collection of IDS, and a new data collection model for IDS is provided. Formulas used to calculate the sample size of packets under both normal conditions and special conditions where there is a small amount of network traffic with attack signature are presented. Experimental results show the model is able to improve the efficiency of data collection and strengthen the processing performance of IDS with little devaluation of detection precision of IDS.

Keywords

Haldane 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

REFERENCES

  1. 1.
    D.E. Denning (1987), An intrusion-detection model, IEEE Transactions on Software Engineering, SE-13, pp. 222–232.Google Scholar
  2. 2.
    N.G. Duffield and M. Grossglauser (2001), Trajectory Sampling for Direct Traffic Observation, IEEE/ACM Trans. on Networking, 9, 3, pp. 280–292.CrossRefGoogle Scholar
  3. 3.
    M. Kodialam and T.V. Lakshman (2003), Detecting network intrusions via sampling: A game theoretic approach, IEEE INFOCOM 2003—The Conference on Computer Communications, pp. 1880–1889.Google Scholar
  4. 4.
    J.B. Haldane (1945), On a method of estimating frequencies. Biometrika 33:222–225.MATHCrossRefMathSciNetGoogle Scholar

Copyright information

© Springer 2006

Authors and Affiliations

  • Liang Hu
    • 1
    • 2
  • Kuo Zhao
    • 1
    • 2
  • Bo Li
    • 1
  1. 1.Department of Computer Science and Technology Jilin UniversityChangchunChina
  2. 2.Key Laboratory of Symbol Computation and Knowledge Engineering of the Ministry of EducationJilin UniversityChangchunChina

Personalised recommendations