Intrusion detection based on behavior mining and machine learning techniques


Abstract

This paper describes results concerning the classification capability of unsupervised and supervised machine learning techniques in detecting intrusions using network audit trails. In this paper we investigate well-known machine learning techniques: Frequent Pattern Tree mining (FP-tree), classification and regression trees (CART), multivariate regression splines (MARS) and TreeNet. The best model is chosen based on the classification accuracy (ROC curve analysis). The results show that high classification accuracies can be achieved in a fraction of the time required by well-known support vector machines and artificial neural networks. TreeNet performs the best for normal, probe and denial of service (DoS) attacks. CART performs the best for user to super user (U2su) and remote to local (R2L). © Springer-Verlag Berlin Heidelberg 2006.

Cite

Mukkamala, S., Xu, D., & Sung, A. H. (2006). Intrusion detection based on behavior mining and machine learning techniques. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 4031 LNAI, pp. 619–628). Springer Verlag. https://doi.org/10.1007/11779568_67
