An Empirical Comparison Study on Attack Detection Mechanisms Using Data Mining 


Vol. 31,  No. 2, pp. 208-218, Feb.  2006


  Abstract

In this paper, we introduce methods for creating attack detection models using data mining technologies that can classify the latest attack types and can detect modifications of existing attacks as well as novel attacks. We also comparatively evaluate these attack detection models in terms of detection accuracy and detection time. The important factors in creating a detection model are the data, the attributes, and the detection algorithm. Thus, for large-scale experiments we used NetFlow data gathered from a real network and the KDD Cup 1999 data. For attribute selection, we used a heuristic method and a theoretical method based on a decision tree algorithm. We comparatively evaluate detection models that use a single supervised/unsupervised data mining approach and a combined supervised data mining approach. As a result, although the combined supervised data mining approach required more modeling time, it had a better detection rate. All models using data mining techniques could detect the attacks within 1 second, so these approaches proved capable of real-time detection. Also, our experimental results for anomaly detection showed that our approaches made the detection of novel attacks possible, and in particular the SOM model provided additional information about the existing attack that is similar to a novel attack.



  Cite this article

[IEEE Style]

M. Kim, H. Oh, K. Chae, "An Empirical Comparison Study on Attack Detection Mechanisms Using Data Mining," The Journal of Korean Institute of Communications and Information Sciences, vol. 31, no. 2, pp. 208-218, 2006. DOI: .

[ACM Style]

Mihui Kim, Hayoung Oh, and Kijoon Chae. 2006. An Empirical Comparison Study on Attack Detection Mechanisms Using Data Mining. The Journal of Korean Institute of Communications and Information Sciences, 31, 2, (2006), 208-218. DOI: .

[KICS Style]

Mihui Kim, Hayoung Oh, Kijoon Chae, "An Empirical Comparison Study on Attack Detection Mechanisms Using Data Mining," The Journal of Korean Institute of Communications and Information Sciences, vol. 31, no. 2, pp. 208-218, 2. 2006.