Intrusion Detection with Tree-Based Data Mining Classification Techniques by Using KDD

M. Khudadad and Zhiqiu Huang
In recent times a huge number of public and commercial services are used through the internet, so the vulnerabilities of current security systems have become the most important issue in society, and threats from hackers have also increased. Many researchers feel intrusion detection systems can be a fundamental line of defense. An Intrusion Detection System (IDS) is used against network attacks to protect computer networks. On the other hand, data mining techniques can also contribute to…
1 Citations
Data redundancy may lead to unreliable intrusion detection systems
There is a fluctuation in the performance when the data are redundant, which shows that an IDS built using a redundant dataset has unstable performance.


Signature-Based Anomaly intrusion detection using Integrated data mining classifiers
A novel Signature-Based Anomaly Detection Scheme (SADS), which can be applied to scrutinize packet headers' behaviour patterns more precisely and promptly, is proposed, and results from a number of experiments have validated that SADS has better detection capabilities with lower processing duration in contrast to conventional anomaly-based detection methods.
Improved Intrusion Detection in DDoS Applying Feature Selection Using Rank & Score of Attributes in KDD-99 Data Set
The main objective of this analysis is to deliver a broad analysis of feature selection methods for the NSL-KDD intrusion detection dataset using various classification algorithms.
Experimental analysis of application-level intrusion detection algorithms
This paper presents an application-level intrusion detection algorithm named Graph-based Sequence-Learning Algorithm (GSLA), which includes data pre-processing, normal profile construction and session marking, and shows that GSLA improves the effectiveness of anomaly detection.
An overview of anomaly detection techniques: Existing solutions and latest technological trends
This paper provides a comprehensive survey of anomaly detection systems and hybrid intrusion detection systems of the recent past and present, discusses recent technological trends in anomaly detection, and identifies open problems and challenges in this area.
An Intrusion-Detection Model
  • D. Denning
  • Computer Science
  • IEEE Transactions on Software Engineering
  • 1987
A model of a real-time intrusion-detection expert system capable of detecting break-ins, penetrations, and other forms of computer abuse is described. The model is based on the hypothesis that…
A detailed analysis of the KDD CUP 99 data set
A new data set is proposed, NSL-KDD, which consists of selected records of the complete KDD data set and does not suffer from any of the mentioned shortcomings.
The use of computational intelligence in intrusion detection systems: A review
An overview of the research progress in applying CI methods to the problem of intrusion detection is provided, including core methods of CI, including artificial neural networks, fuzzy systems, evolutionary computation, artificial immune systems, swarm intelligence, and soft computing.
Learning nonstationary models of normal network traffic for detecting novel attacks
This paper proposes a learning algorithm that constructs models of normal behavior from attack-free network traffic that can be combined to increase coverage of traditional intrusion detection systems.
A Survey of Anomaly Detection Methods in Networks
In order to distinguish between the different approaches used for anomaly detection in networks in a structured way, those methods are classified into four categories: statistical anomaly detection, classifier-based anomaly detection, anomaly detection using machine learning, and finite state machine anomaly detection.
Network traffic anomaly detection based on packet bytes
A two-stage anomaly detection system for identifying suspicious traffic that models the most common protocols at the packet byte level to flag events that have not been observed for a long time.