Temporal signature mining for network intrusion detection using TEMR

Abstract

Network intrusion detection is being a big challenge to combine the network security with the growing speed of data transmission. Traditional data mining approaches were widely used to detect intrusions though having some drawbacks. But there remain some needs of the application of temporal data mining techniques on network intrusion detection as the flow of network data is continuous over time. This paper proposes the idea of applying a framework which is based on doubly sparse convolutional matrix that is closely related to nonnegative matrix factorization to identify the hidden patterns of events. One-sided convolution of two nonnegative matrices shows the convergence of the framework. There is an observation about applying the algorithm on network intrusion detection (NID), and this is how β-divergence increases and decreases with the consideration of a different number of data. The successful minimization of β-divergence can lead to categorizing attack and normal activities found in a dataset containing a packet of network data.