Databases Reference
In-Depth Information
Chapter 6
MINING KNOWLEDGE FROM NETWORK
INTRUSION DATA USING DATA MINING
TECHNIQUES
M. PANDA
∗
andM.R.PATRA
†
∗
Department of ECE,
Gandhi Institute of Engineering and Technology,
Gunupur, Orissa, India
mrutyunjaya.2007@rediffmail.com
†
Department of Computer Science,
Berhampur University, Berhampur, Orissa, India
mrpatra12@gmail.com
Today networking of computing infrastructures across geographical boundaries
has made it possible to perform various operations effectively irrespective
of application domains. But, at the same time the growing misuse of this
connectively in the form of network intrusions has jeopardized the security
aspect of both the data that are transacted over the network and maintained in
data stores. Research is in progress to detect such security threats and protect
the data from misuse. A huge volume of data on intrusion is available which
can be analyzed to understand different attack scenarios and devise appropriate
counter-measures. The DARPA KDDcup'99 intrusion data set is a widely used
data source which depicts many intrusion scenarios for analysis. This data set
can be mined to acquire adequate knowledge about the nature of intrusions
thereby one can develop strategies to deal with them. In this work we discuss
on the use of different data mining techniques to elicit su
cient information
that can be effectively used to build intrusion detection systems.
6.1. Introduction
Network intrusion refers to any activity that tries to compromise the
security of information stored in computers connected to a network. A wide
range of activities falls under this definition, including attempts to de-
stabilize the network, gain un-authorized access to files or privileges or
simply misuse of network resources. Intrusion Detection Systems (IDS) are
being developed to deal with such attacks and facilitate appropriate actions
161
