The Center for Education and Research in Information Assurance and Security (CERIAS)

The Center for Education and Research in
Information Assurance and Security (CERIAS)
Center for Education and Research in Information Assurance and Security

A Scalable Clustering Technique for Intrusion Signature Recognition

Author

Nong Ye, Xiangyang Li

Entry type

inproceedings

Abstract

This paper presents a data mining algorithm , namely Clustering and Classification Algorithm - Supervised (CCA-S), which we developed for detecting intrusions into computer network systems for intrusion detection. CCA-S is used to learn signature patterns of both normal and intrusive activities in the training data, and to classify the activities in the testing data as normal or intrusive based on the learned signature patterns of normal and intrusive activities. CCA-S differs from many existing data mining techniques in its ability in scalable, incremental learning. We tested CCA-S and two popular decision tree algorithms, and obtained their performance for an intrusion detection problem. CCA-S produced better intrusion detection performance than these popular decision tree algorithms.

URL

http://66.102.1.104/scholar?q= ... ure+Recognition&hl=en

Key alpha

Ye

Organization

IEEE

Affiliation

IEEE

Publication Date

2001-01-01

Isbn

0-7803-9814-9

Keywords

computer security, intrusion detection, signature recognition, data mining

Language

English

BibTex-formatted data

To refer to this entry, you may select and copy the text below and paste it into your BibTex document. Note that the text may not contain all macros that BibTex supports.