Abstract
Network data sets are often used for evaluating the performance of intrusion detection systems and intrusion prevention systems [1]. The KDD CUP 99’ data set, which was modeled after MIT Lincoln Laboratory network data, has been a popular network data set for evaluating network intrusion detection algorithms and systems. However, many issues have been discovered concerning the modeling method of the KDD CUP 99’ data. This paper proposes both a measure to compare the similarity between two data groups and an optimization method to efficiently model data sets with the proposed measure. Then, the similarity between KDD CUP 99’ and the MIT Lincoln Laboratory data and that between our data set composed from the MIT Lincoln Laboratory data and the MIT Lincoln Laboratory data are compared quantitatively.
This research was supported by Korea University Grant.
References
Bishop, M., Cheung, S.: The Threat from the Net. IEEE Spectrum (1997)
Amoroso, E.: Intrusion Detection, Intrusion.Net Books (1999)
Northcutt, S.: Network Intrusion Detection: An Analysis Handbook. Net Riders Publishing, Indianapolis (1999)
Mariani, J., Cole, R.A., Mariani, J., Uskoriet, H., Zaenen, A., Zue, V.: Survey of the Evaluation. In: State of the Art in Human Language Technology. Cambridge University Press, Cambridge (1997)
Puketza, N., Zhang, K., Chung, M., Mukherjee, B., Olsson, R.A.: A Methodology for Testing Intrusion Detection System. IEEE Transactions on Software Engineering 22, 719–729 (1996)
Ko, C., Fink, G., Levitt, K.: Execution Monitoring of Security-Critical Programs in Distributed Systems: A Specification-based Approach. In: IEEE Symposium on Security and Privacy, pp. 134–144 (1997)
Shipley, G.: ISS RealSecure Pushed Past Newer IDS Players. In: Network Computing. CMP Publication, Inc. (1999)
Allen, J., Christie, A., Fithen, W., McHugh, J., Pickel, J., Stoner, E.: State of the Practice of Intrusion Detection Technologies, Technical Report, Carnegie Mellon University
Lippmann, R.P., Fried, D.J., Graf, I., Haines, J.W., Kendall, K.R., McClurg, D., Weber, D., Webster, S.E., Wyschogrod, D., Cunningham, R.K., Zissman, M.A.: Evaluating Intrusion Detection Systems: the 1998 DARPA Off-line Intrusion Detection Evaluation. In: DARPA Information Survivability Conference and Exposition, vol. 2 (2000)
Lippmann, R.P., Cunningham, R.K.: Improving Intrusion Detection Performance Using Keyword Selection and Neural Networks. Computer Networks 34(4), 597–603 (2000)
Lippmann, R., Haines, J.W., Fried, D.J., Korba, J., Das, K.: The 1999 DARPA Off-line Intrusion Detection Evaluation. Computer Networks 34(4), 579–595 (2000)
MIT Lincoln Laboratory, LNKnet software (2002), http://www.ll.mit.edu/IST/lnknet/index.html
Agarwal, R., Joshi, M.V.: PNrule: A New Framework for Learning Classifier Models in Data Mining, Technical Report TR00-015, Department of Computer Science, University of Minnesota (2000)
Levin, I.: KDD-99 Classifier Learning Contest LLSoft’s Results Overview. SIGKDD Explorations, ACM SIGKDD 1(2), 67–75 (2000)
Yeung, D.Y., Chow, C.: Parzen-window Network Intrusion Detectors. In: The Sixteenth International Conference on Pattern Recognition, pp. 11–15 (2002)
Kendall, K.: A Database of Computer Attacks for the Evaluation of Intrusion Detection Systems, Master’s Thesis, MIT, Boston, MA (1998)
Knowledge Discovery and Data Mining (KDD), KDD CUP 99’ Network Data Set (1999), http://kdd.ics.uci.edu/databases/kddcup99/kddcup99.html
Durst, R., Champion, T., Witten, B., Miller, E., Spagnuolo, L.: Testing and Evaluating Computer Intrusion Detection Systems. Communications of the ACM 42(7), 53–61 (1999)
Cristianini, N., Shawe, J.: An Introduction to Support Vector Machines and other kernel-based learning methods. Cambridge Press, New York (2004)
Lee, W., Stolfo, S.J., Mok, K.W.: A Data Mining Framework for Building Intrusion Detection Models. In: IEEE Symposium on Security and Privacy, pp. 120–132 (1999)
Lee, W., Stolfo, S.J., Mok, K.W.: Mining in a Data Flow Environment: Experience in Network Intrusion Detection. In: The 5th ACM SIGKDD, pp. 114–124 (1999)
Elkan, C.: Results of the KDD 99’ Classifier Learning. ACM SIGKDD Explorations Newsletter (2000)
Haines, J.W.: 1999 DARPA Intrusion Detection Evaluation, Technical Report 1062, MIT Lincoln Laboratory (2001)
Haines, J.W., Lippmann, R.P.: 1999 DARPA Intrusion Detection Evaluation: Design and Procedure. MIT Lincoln Laboratory (2001)
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Cho, J., Choi, K., Shon, T., Moon, J. (2011). A Network Data Abstraction Method for Data Set Verification. In: Park, J.J., Lopez, J., Yeo, SS., Shon, T., Taniar, D. (eds) Secure and Trust Computing, Data Management and Applications. STA 2011. Communications in Computer and Information Science, vol 186. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-22339-6_7
DOI: https://doi.org/10.1007/978-3-642-22339-6_7
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-22338-9
Online ISBN: 978-3-642-22339-6
eBook Packages: Computer Science, Computer Science (R0)