This paper describes results concerning the classification capability of unsupervised and supervised machine learning techniques in detecting intrusions using network audit trails. In this paper we investigate well-known machine learning techniques: Frequent Pattern Tree mining (FP-tree), classification and regression trees (CART), multivariate regression splines (MARS) and TreeNet. The best model is chosen based on the classification accuracy (ROC curve analysis). The results show that high classification accuracies can be achieved in a fraction of the time required by well-known support vector machines and artificial neural networks. TreeNet performs the best for normal, probe and denial of service attacks (DoS). CART performs the best for user to super user (U2su) and remote to local (R2L). © Springer-Verlag Berlin Heidelberg 2006.
CITATION STYLE
Mukkamala, S., Xu, D., & Sung, A. H. (2006). Intrusion detection based on behavior mining and machine learning techniques. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 4031 LNAI, pp. 619–628). Springer Verlag. https://doi.org/10.1007/11779568_67