20-09-2012, 04:30 PM
Security and Privacy on the Internet
Security and Privacy.ppt (Size: 279.5 KB / Downloads: 122)
Introduction
Intrusion detection is a process of gathering intrusion related knowledge occurring in the process of monitoring the events and analyzing them for sign or intrusion.
Detecting the intrusion based on two common practices – Misuse detection and Anomaly detection.
To apply data mining techniques in intrusion detection, first, the collected data needs to be preprocessed and converted to the format suitable for mining processing. Next, the reformatted data will be used to develop a clustering or classification model.
Testing Methodology
Session-Based Results
They also scored the UCF data with the session-based network model and found that approximately 32.9% of the sessions were identified as having a probability of 1.0000 of being an attack session.
Conversely, a session that scored a probability lower than 1.0000 does not also necessarily mean that session is a “good” session and poses no threat to their campus networks.
The vast majority of the sessions captured had a low or non-existent probability of being an attack session. Their studies showed that more than 66% of the sessions captured have an attack probability of 0.0129.
Conclusion
In this report we have studied the details of four papers in this area.
We have tried to make summary of those four papers, their system models, their technologies and their validation methods.
We did not go through all the cross-references given in those papers rather we kept the scope of this paper limited into these four papers only.
We strongly believe that this paper will be able to give the reader a overview on currently development in this area and how data mining is evolving into the field of network intrusion detection.