A comparison study of temporal signature mining over traditional data mining techniques to detect network intrusion

Abstract

Network intrusion means any attempt to compromise the confidentiality or availability of a computer network. The growing speed of data transmission poses a challenge in the detection of such intrusions. Most of the existing systems for detecting network intrusion ignore a significant feature associated with every sort of data, time. On the other hand, some systems have taken the temporal aspect of data into account (Ahmed in Online network intrusion detection system using temporal logic and stream data processing [1] and Hogo in 2014 International Carnahan Conference on Security Technology (ICCST), pp. 1–6, 2014 [2]). These systems show better accuracy, low false alarm rates, higher bandwidth with full coverage rate, and system availability in case of data flow rate close to 1 GB/s. The concept of temporal data mining in network intrusion detection is being more popular as it is providing more promising results than traditional mining techniques.