Machine Learning in Cyber Trust

pp 133-154


Efficient Mining and Detection of Sequential Intrusion Patterns for Network Intrusion Detection Systems

  • Mei-Ling Shyu, Department of Electrical and Computer Engineering, University of Miami
  • Zifang Huang, Department of Electrical and Computer Engineering, University of Miami
  • Hongli Luo, Department of Computer and Electrical Engineering Technology and Information System and Technology, Indiana University - Purdue University Fort Wayne


In recent years, pervasive computing infrastructures have greatly improved the interaction between humans and systems. As we rely more on these computing infrastructures, we also face threats of network intrusion and/or any new forms of undesirable IT-based activities. Hence, network security has become an extremely important issue, which is closely connected with homeland security, business transactions, and people's daily lives. Accurate and efficient intrusion detection technologies are required to safeguard the network systems and the critical information transmitted in the network systems. In this chapter, a novel network intrusion detection framework for mining and detecting sequential intrusion patterns is proposed. The proposed framework consists of a Collateral Representative Subspace Projection Modeling (C-RSPM) component for supervised classification, and an inter-transactional association rule mining method based on Layer Divided Modeling (LDM) for temporal pattern analysis. Experiments on the KDD99 data set and the traffic data set generated by a private LAN testbed show promising results with high detection rates, low processing time, and low false alarm rates in mining and detecting sequential intrusion detections.