Data Modeling and Data Warehousing Techniques to Improve Intrusion Detection

Abstract

This chapter describes data mining and data warehousing techniques that can improve the performance and usability of Intrusion Detection Systems (IDS). Current IDS do not provide support for historical data analysis and data summarization. This chapter presents techniques to model network traffic and alerts using a multi-dimensional data model and star schemas. This data model was used to perform network security analysis and detect denial of service attacks. Our data model can also be used to handle heterogeneous data sources (e.g. firewall logs, system calls, net-flow data) and enable up to two orders of magnitude faster query response times for analysts as compared to the current state of the art. We have used our techniques to implement a prototype system that is being successfully used at Army Research Labs. Our system has helped the security analyst in detecting intrusions and in historical data analysis for generating reports on trend analysis. © 2007 Springer Science+Business Media, LLC.

Singhal, A. (2007). Data Modeling and Data Warehousing Techniques to Improve Intrusion Detection. Advances in Information Security, 31, 69–82. https://doi.org/10.1007/978-0-387-47653-7_5
