Efficient mining and detection of sequential intrusion patterns for network intrusion detection systems

Mei-Ling Shyu, Zifang Huang, Hongli Luo

Research output: Chapter in Book/Report/Conference proceeding › Chapter

6 Citations (Scopus)

Abstract

In recent years, pervasive computing infrastructures have greatly improved the interaction between human and system. As we put more reliance on these computing infrastructures, we also face threats of network intrusion and/or any new forms of undesirable IT-based activities. Hence, network security has become an extremely important issue, which is closely connected with homeland security, business transactions, and people's daily life. Accurate and efficient intrusion detection technologies are required to safeguard the network systems and the critical information transmitted in the network systems. In this chapter, a novel network intrusion detection framework for mining and detecting sequential intrusion patterns is proposed. The proposed framework consists of a Collateral Representative Subspace Projection Modeling (C-RSPM) component for supervised classification, and an inter-transactional association rule mining method based on Layer Divided Modeling (LDM) for temporal pattern analysis. Experiments on the KDD99 data set and the traffic data set generated by a private LAN testbed show promising results with high detection rates, low processing time, and low false alarm rates in mining and detecting sequential intrusion detections.

Original language: English
Title of host publication: Machine Learning in Cyber Trust: Security, Privacy, and Reliability
Publisher: Springer US
Pages: 133-154
Number of pages: 22
ISBN (Print): 9780387887340
DOIs: https://doi.org/10.1007/978-0-387-88735-7_6
State: Published - Dec 1 2009

Fingerprint

Intrusion detection
National security
Network security
Association rules
Ubiquitous computing
Testbeds
Local area networks
Processing
Industry
Experiments

ASJC Scopus subject areas

  • Computer Science (all)

Cite this

Shyu, M-L., Huang, Z., & Luo, H. (2009). Efficient mining and detection of sequential intrusion patterns for network intrusion detection systems. In Machine Learning in Cyber Trust: Security, Privacy, and Reliability (pp. 133-154). Springer US. https://doi.org/10.1007/978-0-387-88735-7_6
