Abstract
In this paper, we propose a new approach to detect network attacks. Network connections are first transformed into data points in a predetermined feature space. Borrowing the field concept from physics, we treat each point as an electric charge that exerts a force on the points around it, so that the points together form a field, which we call a data field. Each incoming data object obtains an amount of potential energy from this field, from which we can recognize the class of the object. We evaluated our approach on the KDD Cup 1999 data set. Experimental results show that most attacks can be correctly discriminated in our data field and that the false positive rate is acceptable. Compared with other approaches, our method performs better in the detection of PROBE and U2R attacks.
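As an added illustration of the idea in the abstract (not the paper's own code), the following classifier treats each labelled training record as a unit charge, sums the potential an incoming record receives from each class, and assigns the class that contributes the most energy. The Gaussian decay of the potential, the radius `sigma`, the `min_potential` cut-off and the three-feature sample records are all assumptions made here for illustration, not values taken from the paper or from KDD Cup 1999.

```python
import math

# Constructed training sample: feature vectors already scaled to [0, 1]
# with a class label. The features and labels are invented for this
# illustration and are not KDD Cup 1999 records.
TRAIN = [
    ((0.10, 0.20, 0.05), "normal"),
    ((0.15, 0.25, 0.10), "normal"),
    ((0.12, 0.18, 0.08), "normal"),
    ((0.90, 0.10, 0.95), "probe"),
    ((0.85, 0.15, 0.90), "probe"),
    ((0.50, 0.95, 0.40), "u2r"),
]


def distance(a, b):
    """Euclidean distance between two feature vectors."""
    return math.sqrt(sum((x - y) ** 2 for x, y in zip(a, b)))


def potential(point, sources, sigma):
    """Potential energy `point` receives from `sources`.

    Assumed field law: every source is a unit charge whose influence
    decays as exp(-(d / sigma)^2) with distance d (an assumption here,
    not the paper's stated formula).
    """
    return sum(math.exp(-(distance(point, s) / sigma) ** 2) for s in sources)


def class_potentials(point, train, sigma=0.3):
    """Potential contributed to `point` by the sources of each class."""
    by_class = {}
    for features, label in train:
        by_class.setdefault(label, []).append(features)
    return {label: potential(point, pts, sigma) for label, pts in by_class.items()}


def classify(point, train, sigma=0.3, min_potential=0.05):
    """Return (label, per-class potentials) for an incoming record.

    A record far from every source receives almost no energy from the
    field; it is reported as "unknown" instead of being forced into the
    nearest class, which is the case a detector should surface for review.
    """
    pots = class_potentials(point, train, sigma)
    label, best = max(pots.items(), key=lambda kv: kv[1])
    return ("unknown" if best < min_potential else label), pots


if __name__ == "__main__":
    for record in [(0.11, 0.22, 0.07), (0.88, 0.12, 0.92), (0.0, 1.0, 1.0)]:
        print(record, classify(record, TRAIN)[0])
```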
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Xie, F., Bai, S. (2006). Using Data Field to Analyze Network Intrusions. In: Chen, K., Deng, R., Lai, X., Zhou, J. (eds) Information Security Practice and Experience. ISPEC 2006. Lecture Notes in Computer Science, vol 3903. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11689522_8
DOI: https://doi.org/10.1007/11689522_8
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-33052-3
Online ISBN: 978-3-540-33058-5