Analysis of Three Intrusion Detection System Benchmark Datasets Using Machine Learning Algorithms

  • Conference paper
Intelligence and Security Informatics (ISI 2005)

Part of the book series: Lecture Notes in Computer Science (LNISA, volume 3495)

Abstract

In this paper, we employed two machine learning algorithms, namely a clustering algorithm and a neural network algorithm, to analyze the network traffic recorded from three sources. Two of the three traffic sources were synthetic, meaning the traffic was generated in a controlled environment for intrusion detection benchmarking. The main objective of the analysis is to determine the differences between synthetic and real-world traffic; however, the analysis methodology detailed in this paper can be employed for general network analysis purposes. Moreover, the framework that we employed to generate one of the two synthetic traffic sources is briefly discussed.

Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Kayacık, H.G., Zincir-Heywood, N. (2005). Analysis of Three Intrusion Detection System Benchmark Datasets Using Machine Learning Algorithms. In: Kantor, P., et al. Intelligence and Security Informatics. ISI 2005. Lecture Notes in Computer Science, vol 3495. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11427995_29

  • DOI: https://doi.org/10.1007/11427995_29

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-25999-2

  • Online ISBN: 978-3-540-32063-0

  • eBook Packages: Computer Science (R0)
