Search results: Found 2

Article
Intrusion Detection and Attack Classifier Based on Three Techniques: A Comparative Study

Authors: Adel Sabry Issa --- Adnan Mohsin Abdulazeez Brifcani
Journal: Engineering and Technology Journal مجلة الهندسة والتكنولوجيا ISSN: 16816900 24120758 Year: 2011 Volume: 29 Issue: 2 Pages: 386-412
Publisher: University of Technology الجامعة التكنولوجية

Abstract

Different soft-computing based methods have been proposed in recent years for the development of intrusion detection systems. The purpose of this work is to develop, implement and evaluate an off-line anomaly-based intrusion detection system using three techniques: data mining association rules, decision trees, and artificial neural networks, and then to compare them to decide which technique performs better for an intrusion detection system. Several methods have been proposed to modify these techniques to improve the classification process. For association rules, the majority vote classifier was modified to build a new classifier that can recognize anomalies. With decision trees, the ID3 algorithm was modified to deal not only with discrete values but also with numerical values. For neural networks, a back-propagation algorithm has been used as the learning algorithm with different numbers of input patterns (118, 51, and 41) to introduce the important knowledge about the intruder to the neural networks. Different types of normalization methods were applied to the input patterns to speed up the learning process. The full 10% KDD Cup 99 train dataset and the full correct test dataset are used in this work. The results of the proposed techniques show an improvement in performance compared to the standard techniques; furthermore, the Percentage of Successful Prediction (PSP) and Cost Per Test (CPT) of neural networks and decision trees are better than those of association rules. On the other hand, training the neural network takes longer than training the decision trees.


Article
Evaluation of Different Data Mining Algorithms with KDD CUP 99 Data Set

Authors: Safaa O. Al-mamory --- Firas S. Jassim
Journal: Journal of University of Babylon مجلة جامعة بابل ISSN: 19920652 23128135 Year: 2013 Volume: 21 Issue: 8 Pages: 2663-2681
Publisher: Babylon University جامعة بابل

Abstract

Data mining is a modern technique for analyzing huge amounts of data, such as the KDD CUP 99 data set, which is applied in network intrusion detection. Large amounts of data can be handled with data mining technology. It is still in a developing state and can become more effective as it is growing rapidly. This paper surveys most of the data mining algorithms that use the KDD CUP 99 data set for the classification of attacks and compares the results they reached, using performance measurements such as True Positive Rate (TP), False Alarm Rate (FP), Percentage of Successful Prediction (PSP) and training time (TT) to show the results. The reason for this survey is to compare the results and select the best system for detecting intrusions (classification). The results showed that the data mining algorithms differ in their rate of detecting an attack according to its type. The Random Forest classifier has the highest detection rate for DOS attacks, while the Fuzzy Logic algorithm was the highest in detecting Probe attacks. The two categories of R2U and R2L attacks were identified well by the MARS, Fuzzy Logic and Random Forest classifiers, respectively. MARS achieved higher accuracy in classification, while the PART classification algorithm achieved lower accuracy. OneR had the least training time, whereas the Fuzzy Logic and MLP algorithms had higher training time.

Data mining is one of the modern techniques for analyzing massive data such as the KDD CUP 99 data, which is specialized in the field of intrusion detection. The aim of the research is, on the one hand, to review and evaluate the data mining algorithms that have been applied to the KDD CUP 99 data to classify attacks and to measure the results in terms of accuracy and speed, and, on the other hand, to choose the best classification algorithm for this data. The results showed that data mining algorithms vary in detecting attacks and determining their class. The Random Forest algorithm had the highest detection rate for DOS attacks, while the Fuzzy Logic algorithm classified Probe attacks at a high rate. R2U and R2L attacks were classified well by the MARS algorithm, Fuzzy Logic, and the Random Trees classifier, respectively. The MARS algorithm had the highest classification accuracy, while the PART algorithm was very poor. The ONER algorithm was trained in the least time, while the Fuzzy Logic algorithm and the MLP algorithm trained slowly.
