Abstract
This paper suggests a method to check whether the real network dataset and modeling dataset for real network has statistically similar characteristics. The method we adopt in this paper is a Generalized Additive Model. By using this method, we show how similar the MIT/LL Dataset and the KDD CUP 99’ Dataset are regarding their characteristics. It provided reasonable outcome for us to confirm that MIT/LL Dataset and KDD Cup Dataset are not statistically similar.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Aguirre, S.J., Hill, W.H.: Intrusion Detection Fly-Off: Implications for the United States Navy, MITRE Technical Report 97W0000096 (1997)
Puketza, N., Chung, M., Olsson, R.A., Mukherjee, B.: A software platform for testing intrusion detection systems. IEEE Software 14, 43–51 (1997)
Haines, J.W., Laboratory, L.: 1999 DARPA intrusion detection evaluation: design and procedures, Massachusetts Institute of Technology, Lincoln Laboratory, Lexington, Mass (2001)
Lippmann, R., Haines, J., Fried, D.J., Korba, J., Das, K.: Analysis and Results of the 1999 DARPA Off-Line Intrusion Detection Evaluation. In: Debar, H., Mé, L., Wu, S.F. (eds.) RAID 2000. LNCS, vol. 1907, pp. 162–182. Springer, Heidelberg (2000)
Lippmann, R., Haines, J.W., Fried, D.J., Korba, J., Das, K.: The 1999 DARPA off-line intrusion detection evaluation. Computer Networks 34, 579–595 (2000)
Lippmann, R.P., Fried, D.J., Graf, I., Haines, J.W., Kendall, K.R., McClung, D., Weber, D., Webster, S.E., Wyschogrod, D., Cunningham, R.K.: Evaluating intrusion detection systems: the 1998 DARPA off-lineintrusion detection evaluation. In: DARPA Information Survivability Conference and Exposition 2 (2000)
Durst, R., Champion, T., Witten, B., Miller, E., Spagnuolo, L.: Testing and evaluating computer intrusion detection systems. Communications of the ACM 42, 53–61 (1999)
Mueller, P., Shipley, G.: Dragon claws its way to the top. Network Computing 20, 45–67 (2001)
Wood, S.N.: The mgcv Package (2007), http://cran.r-project.org/doc/packages/mgcv.pdf
Faraway, J.J.: Linear Models With R. CRC Press, Boca Raton (2005)
Hastie, T., Tibshirani, R.: Generalized Additive Models. Statistical Science 1, 297–310 (1986)
Hastie, T., Tibshirani, R.: Generalized Additive Models: Some Applications. Journal of the American Statistical Association 82, 371–386 (1987)
Hastie, T., Tibshirani, R.: Generalized additive models. Chapman and Hall/CRC, Boca Raton (1990)
Wood, S.N.: Generalized additive models: an introduction with R. Chapman and Hall/CRC, Boca Raton (2006)
Xiang, D.: Fitting Generalized Additive Models with the GAM Procedure, SAS Institute Paper P 256 (2001)
Stolfo, S.: KDD-CUP-99 Task Description, http://kdd.ics.uci.edu/databases/kddcup99/task.html
Elkan, C.: Results of the KDD 1999 classifier learning. ACM SIGKDD Explorations Newsletter 1, 63–64 (2000)
Chatterjee, S., Hadi, A.S.: Regression Analysis by Example, 4th edn. Wiley-Interscience, Hoboken (2006)
Tanenbaum, A.S.: Computer Networks. Prentice Hall PTR, Englewood Cliffs (2002)
Stevens, W.R.: TCP/IP Illustrated, vol. I. Addison-Wesley Publishing Company, Reading (1995)
Kurose, J.F., Ross, K.W.: Computer networking: a top-down approach featuring the Internet. Pearson/Addison Wesley, Boston (2005)
Weisstein, E.W.: Gamma Distribution,WolframMathWorld (2005), http://mathworld.wolfram.com/GammaDistribution.html
Jin, S., Yeung, D.S.: A covariance analysis model for DDoS attack detection. In: 2004 IEEE International Conference on Communications, vol. 4, pp. 1882–1886 (2004)
Seo, J., Lee, C., Shon, T., Moon, J.: SVM approach with CTNT to detect DDoS attacks in grid computing. In: Zhuge, H., Fox, G.C. (eds.) GCC 2005. LNCS, vol. 3795, pp. 59–70. Springer, Heidelberg (2005)
Chen, Z., Gao, L., Kwiat, K.: Modeling the spread of active worms. In: INFOCOM 2003. Twenty-Second Annual Joint Conference of the IEEE Computer and Communications Societies, vol. 3, pp. 1890–1900. IEEE, Los Alamitos (2003)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Chae, S., Lee, H., Cho, J., Jung, M., Lim, J., Moon, J. (2009). A Regression Method to Compare Network Data and Modeling Data Using Generalized Additive Model. In: Chung, KI., Sohn, K., Yung, M. (eds) Information Security Applications. WISA 2008. Lecture Notes in Computer Science, vol 5379. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-00306-6_14
Download citation
DOI: https://doi.org/10.1007/978-3-642-00306-6_14
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-00305-9
Online ISBN: 978-3-642-00306-6
eBook Packages: Computer ScienceComputer Science (R0)