Survey on Data Mining Techniques for Intrusion Detection System

Abstract

Today, Intrusion Detection Systems are employed by the majority of organizations to safeguard the security of information systems. Firewalls used for intrusion detection have certain drawbacks, which various data mining approaches overcome. Data mining techniques play a vital role in intrusion detection by analyzing large volumes of network data and classifying it as normal or anomalous. Several data mining techniques, such as Classification, Clustering and Association rules, are widely used to enhance intrusion detection. Among them, clustering is preferred over classification since it does not require manual labelling of the training data and the system need not be aware of new attacks. This paper discusses three clustering algorithms: K-Means Clustering, Y-Means Clustering and Fuzzy C-Means Clustering. K-Means clustering results in degeneracy and is not suitable for large databases. Y-Means is an improvement over K-Means that eliminates empty clusters. Four issues, namely Classification of Data, High Level of Human Interaction, Lack of Labelled Data, and Effectiveness of Distributed Denial of Service Attack, are addressed using the EDADT algorithm, the Hybrid IDS model, the Semi-Supervised Approach and the Varying HOPERAA Algorithm respectively.
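The degeneracy the abstract attributes to K-Means, and the empty-cluster elimination it attributes to Y-Means, shown as an added example that is not from the paper. The connection features, starting centroids and function names are constructed for illustration, and `drop_empty` sketches only the empty-cluster removal, not the full Y-Means algorithm.

```python
import math

# Constructed sample: (duration_s, kilobytes) per connection; not real traffic.
CONNECTIONS = [
    (1.0, 2.0), (1.2, 1.8), (0.9, 2.2), (1.1, 2.1),   # short, small transfers
    (8.0, 40.0), (8.5, 42.0), (7.8, 39.0),            # long, large transfers
    (1.0, 95.0),                                      # lone burst
]
# Assumed starting centroids; the last one sits far from every point.
INITIAL = [(1.0, 2.0), (8.0, 40.0), (1.0, 95.0), (50.0, 50.0)]

def assign(points, centroids):
    """Group points by the index of the nearest centroid (Euclidean distance)."""
    clusters = [[] for _ in centroids]
    for p in points:
        nearest = min(range(len(centroids)),
                      key=lambda i: math.dist(p, centroids[i]))
        clusters[nearest].append(p)
    return clusters

def mean(cluster):
    """Component-wise mean of a non-empty cluster."""
    return tuple(sum(axis) / len(cluster) for axis in zip(*cluster))

def kmeans(points, centroids, max_iter=100):
    """Plain K-Means; an empty cluster keeps its old centroid (degeneracy)."""
    for _ in range(max_iter):
        clusters = assign(points, centroids)
        updated = [mean(c) if c else old for c, old in zip(clusters, centroids)]
        if updated == centroids:
            break
        centroids = updated
    return centroids, assign(points, centroids)

def drop_empty(points, centroids):
    """Run K-Means, discard centroids that own no points, repeat until none are empty."""
    while True:
        centroids, clusters = kmeans(points, centroids)
        kept = [c for c, members in zip(centroids, clusters) if members]
        if len(kept) == len(centroids):
            return centroids, clusters
        centroids = kept

if __name__ == "__main__":
    print([len(c) for c in kmeans(CONNECTIONS, INITIAL)[1]])
    print([len(c) for c in drop_empty(CONNECTIONS, INITIAL)[1]])
```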

Cite this paper

@inproceedings{Patond2014SurveyOD, title={Survey on Data Mining Techniques for Intrusion Detection System}, author={Miss.Kavita Patond and Pranjali Deshmukh}, year={2014} }