Abstract | ||
---|---|---|
Most of the existing commercial Network Intrusion Detection System (NIDS) products are signature-based but not adaptive. In this paper, an adaptive NIDS using data mining technology is developed. Data mining approaches are used to accurately capture the actual behaviour of network traffic, and the portfolio mined is useful for differentiating 'normal' and 'attack' traffics. On the other hand, most of the current researches use only one engine for detection of various attacks; the proposed system, which is constructed by a number of agents, is totally different in both training and detecting processes. Each of the agents has its own strength in capturing a kind of network behaviour and hence the system has strength in detecting different types of attack. In addition, its ability in detecting new types of attack and its higher tolerance to fluctuations were shown. The experimental results showed that the frequent patterns mined from the audit data could be used as reliable agents, which outperformed the traditional signature-based NIDS. |
Year | DOI | Venue |
---|---|---|
2007 | 10.1504/IJAOSE.2007.014403 | IJAOSE |
Keywords | Field | DocType |
agent-oriented network intrusion detection,data mining approach,adaptive nids,actual behaviour,traditional signature-based nids,audit data,network traffic,various attack,data mining technology,different type,network behaviour,multi agent systems,association rules,data mining,agents,clustering | Data mining,Network intrusion detection,Agent based systems,Computer science,Intrusion prevention system,Multi-agent system,Anomaly-based intrusion detection system,Association rule learning,Artificial intelligence,Agent oriented software,Cluster analysis,Machine learning | Journal |
Volume | Issue | Citations |
1 | 2 | 3 |
PageRank | References | Authors |
0.42 | 14 | 2 |
Name | Order | Citations | PageRank |
---|---|---|---|
Tak-chung Fu | 1 | 407 | 21.29 |
Chung-Leung Lui | 2 | 22 | 1.34 |