OMC-IDS: At the Cross-Roads of OLAP Mining and Intrusion Detection

  • Hanen Brahmi
  • Imen Brahmi
  • Sadok Ben Yahia
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7302)


Due to the growing threat of network attacks, efficient detection and network abuse assessment are of paramount importance. In this respect, Intrusion Detection Systems (IDS) are intended to protect information systems against intrusions. However, IDS are plagued by several problems that slow down their development, such as low detection accuracy and a high false alarm rate. In this paper, we introduce a new IDS, called OMC-IDS, which integrates data mining techniques and On-Line Analytical Processing (OLAP) tools. The association of the two fields can be a powerful solution to deal with the defects of IDS. Our experimental results show the effectiveness of our approach in comparison with those fitting in the same trend.


Intrusion detection system; Data warehouse; OLAP; Audit data cube; Association rules; Classification





Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Hanen Brahmi (1)
  • Imen Brahmi (1)
  • Sadok Ben Yahia (1, 2)

  1. LIPAH, Computer Science Department, Faculty of Sciences of Tunis, Tunis, Tunisia
  2. Institut TELECOM, TELECOM SudParis, UMR 5157 CNRS SAMOVAR, France
