A Network Data Abstraction Method for Data Set Verification

  • Conference paper
Secure and Trust Computing, Data Management and Applications (STA 2011)

Part of the book series: Communications in Computer and Information Science (CCIS, volume 186)

Abstract

Network data sets are often used for evaluating the performance of intrusion detection systems and intrusion prevention systems [1]. The KDD CUP 99’ data set, which was modeled after the MIT Lincoln Laboratory network data, has been a popular network data set for evaluating network intrusion detection algorithms and systems. However, many issues have been discovered concerning the modeling method of the KDD CUP 99’ data. This paper proposes both a measure to compare the similarity between two data groups and an optimization method to efficiently model data sets with the proposed measure. Then, the similarity between the KDD CUP 99’ data and the MIT Lincoln Laboratory data, and the similarity between our data set composed from the MIT Lincoln Laboratory data and the MIT Lincoln Laboratory data, are compared quantitatively.

This research was supported by Korea University Grant.


References

  1. Bishop, M., Cheung, S.: The Threat from the Net. IEEE Spectrum (1997)

  2. Amoroso, E.: Intrusion Detection. Intrusion.Net Books (1999)

  3. Northcutt, S.: Network Intrusion Detection: An Analysis Handbook. Net Riders Publishing, Indianapolis (1999)

  4. Mariani, J., Cole, R.A., Mariani, J., Uskoriet, H., Zaenen, A., Zue, V.: Survey of the Evaluation. In: State of the Art in Human Language Technology. Cambridge University Press, Cambridge (1997)

  5. Puketza, N., Zhang, K., Chung, M., Mukherjee, B., Olsson, R.A.: A Methodology for Testing Intrusion Detection System. IEEE Transactions on Software Engineering 22, 719–729 (1996)

  6. Ko, C., Fink, G., Levitt, K.: Execution Monitoring of Security-Critical Programs in Distributed Systems: A Specification-based Approach. In: IEEE Symposium on Security and Privacy, pp. 134–144 (1997)

  7. Shipley, G.: ISS RealSecure Pushed Past Newer IDS Players. In: Network Computing. CMP Publication, Inc. (1999)

  8. Allen, J., Christie, A., Fithen, W., McHugh, J., Pickel, J., Stoner, E.: State of the Practice of Intrusion Detection Technologies, Technical Report, Carnegie Mellon University

  9. Lippmann, R.P., Fried, D.J., Graf, I., Haines, J.W., Kendall, K.R., McClurg, D., Weber, D., Webster, S.E., Wyschogrod, D., Cunningham, R.K., Zissman, M.A.: Evaluating Intrusion Detection Systems: the 1998 DARPA Off-line Intrusion Detection Evaluation. In: DARPA Information Survivability Conference and Exposition, vol. 2 (2000)

  10. Lippmann, R.P., Cunningham, R.K.: Improving Intrusion Detection Performance Using Keyword Selection and Neural Networks. Computer Networks 34(4), 597–603 (2000)

  11. Lippmann, R., Haines, J.W., Fried, D.J., Korba, J., Das, K.: The 1999 DARPA Off-line Intrusion Detection Evaluation. Computer Networks 34(4), 579–595 (2000)

  12. MIT Lincoln Laboratory, LNKnet software (2002), http://www.ll.mit.edu/IST/lnknet/index.html

  13. Agarwal, R., Joshi, M.V.: PNrule: A New Framework for Learning Classifier Models in Data Mining, Technical Report TR00-015, Department of Computer Science, University of Minnesota (2000)

  14. Levin, I.: KDD-99 Classifier Learning Contest LLSoft’s Results Overview. SIGKDD Explorations, ACM SIGKDD 1(2), 67–75 (2000)

  15. Yeung, D.Y., Chow, C.: Parzen-window Network Intrusion Detectors. In: The Sixteenth International Conference on Pattern Recognition, pp. 11–15 (2002)

  16. Kendall, K.: A Database of Computer Attacks for the Evaluation of Intrusion Detection Systems, Master’s Thesis, MIT, Boston, MA (1998)

  17. Knowledge Discovery and Data Mining (KDD), KDD CUP 99’ Network Data Set (1999), http://kdd.ics.uci.edu/databases/kddcup99/kddcup99.html

  18. Durst, R., Champion, T., Witten, B., Miller, E., Spagnuolo, L.: Testing and Evaluating Computer Intrusion Detection Systems. Communications of the ACM 42(7), 53–61 (1999)

  19. Cristianini, N., Shawe, J.: An Introduction to Support Vector Machines and other kernel-based learning methods. Cambridge Press, New York (2004)

  20. Lee, W., Stolfo, S.J., Mok, K.W.: A Data Mining Framework for Building Intrusion Detection Models. In: IEEE Symposium on Security and Privacy, pp. 120–132 (1999)

  21. Lee, W., Stolfo, S.J., Mok, K.W.: Mining in a Data Flow Environment: Experience in Network Intrusion Detection. In: The 5th ACM SIGKDD, pp. 114–124 (1999)

  22. Elkan, C.: Results of the KDD 99’ Classifier Learning. ACM SIGKDD Explorations Newsletter (2000)

  23. Haines, J.W.: 1999 DARPA Intrusion Detection Evaluation, Technical Report 1062, MIT Lincoln Laboratory (2001)

  24. Haines, J.W., Lippmann, R.P.: 1999 DARPA Intrusion Detection Evaluation: Design and Procedure. MIT Lincoln Laboratory (2001)

© 2011 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Cho, J., Choi, K., Shon, T., Moon, J. (2011). A Network Data Abstraction Method for Data Set Verification. In: Park, J.J., Lopez, J., Yeo, SS., Shon, T., Taniar, D. (eds) Secure and Trust Computing, Data Management and Applications. STA 2011. Communications in Computer and Information Science, vol 186. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-22339-6_7

  • DOI: https://doi.org/10.1007/978-3-642-22339-6_7

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-22338-9

  • Online ISBN: 978-3-642-22339-6

  • eBook Packages: Computer Science, Computer Science (R0)