Composing Miners to Develop an Intrusion Detection Solution

  • Conference paper
Privacy, Security, and Trust in KDD (PInKDD 2008)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 5456)

Abstract

Today, security is of strategic importance for many computer science applications. Unfortunately, an optimal solution does not exist, and system administrators are often faced with new security problems when trying to protect computing resources within a reasonable time. Security applications that seem effective at first could actually be unsuitable. This paper introduces a way of developing flexible computer security solutions that can allow system administrators to intervene rapidly on systems by adapting not only existing solutions but new ones as well. To this end, the study suggests considering the problem of intrusion detection as a Knowledge Discovery process and describing it in terms of both e-services and miner building blocks. In addition, a definition of an intrusion detection process using the analysis of Web content generated by users is presented.

Copyright information

© 2009 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Castellano, M., Mastronardi, G., Pisciotta, L., Tarricone, G. (2009). Composing Miners to Develop an Intrusion Detection Solution. In: Bonchi, F., Ferrari, E., Jiang, W., Malin, B. (eds) Privacy, Security, and Trust in KDD. PInKDD 2008. Lecture Notes in Computer Science, vol 5456. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-01718-6_5

  • DOI: https://doi.org/10.1007/978-3-642-01718-6_5

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-01717-9

  • Online ISBN: 978-3-642-01718-6

  • eBook Packages: Computer Science, Computer Science (R0)
