By Topic

Local Area Network Anomaly Detection Using Association Rules Mining

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

3 Author(s)
Xiaolei Li ; Res. Center of Spatial Inf. & Digital Eng., Wuhan Univ., Wuhan, China ; Yun Zhang ; Xun Li

In a local area network (LAN) where users are relatively stable, the usage patterns of systems and working habits are also stable. This character implies that there exist many rules in corresponding network applications. By intercepting all the frames in the LAN and pre-processing the collected data, association rules mining techniques can be used to extract association rules from the network data. These rules can latter be effectively applied to network anomaly detection in the LAN. This paper discusses the method of using association rules mining in anomaly detection of LAN, and analyzes its working principle. We give a detailed discussion on several steps, including the method of data acquisition and preprocessing, association rules mining, the usage of similarity to determine whether the network behavior conform to the extracted association rules and the detection of anomalous behaviors. Finally, the corresponding experimental results are given.

Published in:

Wireless Communications, Networking and Mobile Computing, 2009. WiCom '09. 5th International Conference on

Date of Conference:

24-26 Sept. 2009