By Topic

A real-time network intrusion detection system based on incremental mining approach

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

4 Author(s)
Ming-Yang Su ; Dept. of Comput. Sci. & Inf. Eng., Ming Chuan Univ., Taoyuan ; Kai-Chi Chang ; Hua-Fu Wei ; Chun-Yuen Lin

The fuzzy association rule has been proven to be effective to present userspsila network behavior offline from a huge amount of collected packets. However, not only effectiveness, efficiency is important as well for Network Intrusion Detection Systems (NIDSs). None of those proposed NIDSs subject to fuzzy association rule can meet the real-time requirement because they all applied static mining approach. In the paper, we propose a real-time NIDS by incremental mining for fuzzy association rules. By consistently comparing the two rule sets, one mined from online packets and the other mined from training attack free packets, our system can make a decision per time unit, 2 seconds in the paper. Experiments have been done to demonstrate its excellent effectiveness and efficiency of the system.

Published in:

Intelligence and Security Informatics, 2008. ISI 2008. IEEE International Conference on

Date of Conference:

17-20 June 2008