Abstract
To analyze the results of anomaly detection methods for Network Intrusion Detection Systems, the DARPA KDD data set has been widely analyzed, but its data are outdated for most kinds of attacks. A software application called Spleen, designed to capture data from a tested network in the same structure as the DARPA data set, is introduced. The application is used to complete the data set with additional features according to an attack analysis. Finally, to show the advantages of an extended data set, two genetic methods are tested in the detection of non-content based attacks.
Acknowledgments
This work was made possible by the support of the Military University Doctoral Support Program and the Javeriana University Doctoral Program.
Copyright information
© 2014 Springer Science+Business Media Dordrecht
About this chapter
Cite this chapter
Guillén, E.P., Rodríguez Parra, J., Paéz Mendez, R.V. (2014). Improving Network Intrusion Detection with Extended KDD Features. In: Kim, H., Ao, SI., Amouzegar, M., Rieger, B. (eds) IAENG Transactions on Engineering Technologies. Lecture Notes in Electrical Engineering, vol 247. Springer, Dordrecht. https://doi.org/10.1007/978-94-007-6818-5_30
DOI: https://doi.org/10.1007/978-94-007-6818-5_30
Publisher Name: Springer, Dordrecht
Print ISBN: 978-94-007-6817-8
Online ISBN: 978-94-007-6818-5
eBook Packages: Engineering, Engineering (R0)