Classification, Clustering and Application in Intrusion Detection System




Kaushal Mittal 04329024
M.Tech I Year
Under the Guidance of Prof. Sunita Sarawagi
KReSIT, Indian Institute of Technology Bombay



Abstract

Classification and clustering techniques in data mining are useful for a wide variety of real-time applications dealing with large amounts of data. Some of the applications of data mining are text classification, selective marketing, medical diagnosis and intrusion detection systems. Intrusion detection systems are software systems for identifying deviations from the normal behavior and usage of the system. They detect attacks using data mining techniques, namely classification and clustering algorithms. In this report, I discuss approaches based on classification techniques like naive bayesian classifiers, neural networks and a WINNOW based algorithm. Approaches based on clustering techniques like hierarchical and density based clustering are discussed to emphasize the use of clustering techniques in intrusion detection.

Introduction

Classification techniques analyze and categorize the data into known classes. Each data sample is labeled with a known class label. Clustering is a process of grouping objects into a set of clusters such that similar objects are members of the same cluster and dissimilar objects belong to different clusters. In classification, the classes and the number of classes are predefined. Training examples are used to create a model, where each training sample is assigned a predefined label. This is not the case with clustering. Classification techniques are examples of supervised learning and clustering techniques are examples of unsupervised learning.

Intrusion detection systems are software systems used for identifying the intentional or unintentional use of system resources by unauthorized users. They can be categorized into misuse detection systems and anomaly detection systems. Misuse detection systems model attacks as specific patterns and are more useful in detecting known attack patterns. Anomaly detection systems are adaptive systems that distinguish the behavior of normal users from that of other users. Misuse detection systems can detect specific types of attacks but are not generalized. They cannot detect new attacks until trained for them. On the other hand, anomaly detection systems are adaptive in nature and can deal with new attacks, but they cannot identify the specific type of attack. If an intrusion occurs during learning, the anomaly detection system may learn the intruder's behavior and hence may fail. Because anomaly detection systems are more generalized and have a wider scope than misuse detection systems, most current research focuses on them.


Data mining approaches can be applied for both anomaly and misuse detection. The data samples are sets of system properties representing the behavior of the system/user. Classification techniques are used to learn a model from the training set of data samples. The model is used to classify each data sample as an instance of anomalous behavior or of normal behavior. Clustering techniques can be used to form clusters of data samples corresponding to the normal use of the system. Any data sample with characteristics different from the formed clusters is considered to be an instance of anomalous behavior. Unlike classification based techniques, clustering based techniques can detect new attacks.

A number of classification and clustering algorithms can be used for anomaly detection. [?] proposes the use of bayesian classifiers to learn a model that distinguishes the behavior of an intruder from the normal user's behavior. [?] proposes a hierarchical clustering based algorithm for anomaly detection on a network. [?] proposes a WINNOW based algorithm for anomaly detection. [?] proposes the use of neural networks and [?] proposes the use of density based clustering for anomaly detection.

The rest of the report is organized as follows: Section 2 discusses bayesian classifiers and neural network based classification. Section 3 discusses hierarchical and density based clustering. Section 4 discusses the anomaly detection approach based on the WINNOW based algorithm and the use of the classification and clustering algorithms discussed in Section 2 and Section 3 for anomaly detection. Section 5 gives the conclusion.


for more:
http://docs.googleviewer?a=v&q=cache:E9J...it.iitb.ac~kaushal/downloads/seminarsreport.pdf+Classification,+Clustering+and+Application+in+Intrusion+Detection+System+pdf&hl=en&gl=in&pid=bl&srcid=ADGEESgXLHx74s7MfH4QpKLPEO8q19LIThMSr6obmApJ_J_mdfSZeavw5R-_TvF2CHiZpasGJeNzDRaabzaxykrzNlr5eQ_veAWN-wfYek9ksj8Tab9t-tuTrUgWQ6i_h50IL9fNsCWp&sig=AHIEtbRLU7Fnnj4CRh3zrmdqRMqXndwo7Q
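
Added example, not part of the original report or post: a Python sketch of the contrast drawn in the introduction, where a classifier trained on known classes is run beside clusters built only from normal use. A Gaussian naive Bayes model and a simple distance-threshold (leader) clustering stand in for the methods the report surveys; the two features, all sample values and the radius are constructed assumptions.

```python
import math

# Constructed samples: (connections per second, mean payload in KB).
NORMAL = [(4, 18), (5, 22), (6, 25), (7, 190), (8, 200), (9, 210)]
SCAN = [(110, 1.0), (120, 1.5), (130, 2.0)]  # the only attack seen in training

def fit_gaussian_nb(labelled):
    """Per class: prior plus (mean, variance) of each feature."""
    total = sum(len(rows) for rows in labelled.values())
    model = {}
    for label, rows in labelled.items():
        stats = []
        for col in zip(*rows):
            mean = sum(col) / len(col)
            var = sum((x - mean) ** 2 for x in col) / len(col) + 1e-6
            stats.append((mean, var))
        model[label] = (len(rows) / total, stats)
    return model

def classify(model, sample):
    """Return the known class with the highest log-posterior."""
    def score(label):
        prior, stats = model[label]
        return math.log(prior) + sum(
            -0.5 * math.log(2 * math.pi * var) - (x - mean) ** 2 / (2 * var)
            for x, (mean, var) in zip(sample, stats))
    return max(model, key=score)

def cluster_normal(rows, radius):
    """Leader clustering: a row farther than radius from every leader starts a cluster."""
    leaders = []
    for row in rows:
        if all(math.dist(row, leader) > radius for leader in leaders):
            leaders.append(row)
    return leaders

def is_anomaly(leaders, sample, radius):
    """Anomalous when the sample falls outside every cluster of normal use."""
    return min(math.dist(sample, leader) for leader in leaders) > radius

def compare(sample, radius=50):
    """Return (classifier label, clustering anomaly flag) for one sample."""
    model = fit_gaussian_nb({"normal": NORMAL, "scan": SCAN})
    leaders = cluster_normal(NORMAL, radius)
    return classify(model, sample), is_anomaly(leaders, sample, radius)

if __name__ == "__main__":
    for name, s in [("normal", (5, 21)), ("known scan", (125, 1.2)), ("unseen", (6, 900))]:
        print(name, compare(s))
```

The unseen sample is forced into one of the two trained classes by the classifier, while the clustering check flags it without being able to say what kind of attack it is.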


