Abstract
Applying data mining techniques to intrusion detection systems in order to discover new types of attacks has become a recent research focus, but the work is still in its infancy. This paper presents an innovative technique, called MMID, that applies maximal frequent itemsets mining to intrusion detection and can significantly improve the accuracy and performance of an intrusion detection system. The experimental results show that MMID is efficient and accurate for attacks that occur intensively in a short period of time.
This paper is supported by the National Natural Science Foundation of China under Grant No. 60273075. Hui Wang is a professor at Wuhan Communication College and a PhD candidate in the computer school of Huazhong Univ. of Sci. & Tech., China. Her research interests include intrusion detection and data mining.
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Wang, H., Li, QH., Xiong, H., Jiang, SY. (2004). Mining Maximal Frequent Itemsets for Intrusion Detection. In: Jin, H., Pan, Y., Xiao, N., Sun, J. (eds) Grid and Cooperative Computing - GCC 2004 Workshops. GCC 2004. Lecture Notes in Computer Science, vol 3252. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-30207-0_53
DOI: https://doi.org/10.1007/978-3-540-30207-0_53
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-23578-1
Online ISBN: 978-3-540-30207-0
eBook Packages: Springer Book Archive