Applying a Flexible Mining Architecture to Intrusion Detection

Abstract

Data mining is becoming a pervasive technology in several activities as using historical data to predict the success of a marketing campaign, looking for patterns in financial transactions to discover illegal activities or analyzing genome sequences. In this paper we adopt a reference flexible mining architecture able to discover knowledge in a distributed and heterogeneous environment. In the context of security, the information we are seeking is the knowledge of whether a security breach has been experienced, and if the answer is yes, who is the perpetrator. To this purpose, the guide lines of the service oriented architecture, SOA, and the orchestration model have been considered as a way to realize our proposal of knowledge discovery process to intrusion detection