Abstract
Today, security is of strategic importance for many computer science applications. Unfortunately, an optimal solution does not exist, and system administrators often face new security problems when trying to protect computing resources within a reasonable time. Security applications that seem effective at first could actually be unsuitable. This paper introduces a way of developing flexible computer security solutions that allow system administrators to intervene rapidly on systems by adapting not only existing solutions but new ones as well. To this end, the study suggests considering the problem of intrusion detection as a Knowledge Discovery process and describing it in terms of both e-services and miner building blocks. In addition, a definition of an intrusion detection process using the analysis of Web content generated by users is presented.
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Castellano, M., Mastronardi, G., Pisciotta, L., Tarricone, G. (2009). Composing Miners to Develop an Intrusion Detection Solution. In: Bonchi, F., Ferrari, E., Jiang, W., Malin, B. (eds) Privacy, Security, and Trust in KDD. PInKDD 2008. Lecture Notes in Computer Science, vol 5456. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-01718-6_5
DOI: https://doi.org/10.1007/978-3-642-01718-6_5
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-01717-9
Online ISBN: 978-3-642-01718-6
eBook Packages: Computer Science (R0)