Usage of data mining techniques for analyzing network intrusions

Abstract

This paper presents the results of the analysis of the network intrusion detection systems using data mining techniques and anomaly detection. Anomaly detection technique is present for a while in the area of data mining. Previous papers that implement data mining techniques to detect anomaly attacks actually use well-known techniques such as classification or clustering. Anomaly detection technique combines all these techniques. They are also facing problem on the fact that many of the attacks do not have some kind of signature on network and transport layer, so it is not easy to train models for these type of attacks. Network dataset that was used in this paper is DARPA 1998 dataset created in MIT Lincoln Laboratory and is used worldwide for the network testing purposes.