Towards the speed enhancement of association rule mining algorithm for intrusion detection system
S. Dasgupta,
Published in Springer
Volume: 1180 AISC
Pages: 1 - 9
An intrusion detection system is a device or software application that monitors network traffic data for suspicious activity and alerts the system administrator to any malicious activity or network policy violation that has occurred. Among the several techniques proposed for anomaly detection in network audit data, data mining techniques are used for efficient analysis of network audit data to detect abnormalities caused by specific types of attacks. Association rule mining, an unsupervised data mining algorithm, has been applied to the analysis of network audit data for detecting anomalies. Due to the rapid increase of internet-based services, cyber security has become a challenging problem. In this paper, a framework using an association rule mining algorithm is proposed for detecting suspicious activity in network traffic data. Further, to increase the processing speed for large network traffic data, the big data processing tool Apache Spark has been used. Among the several association rule mining algorithms, the FP-growth algorithm has been used to generate attack rules that detect malicious attacks in network audit data. For the experiment, the Kyoto dataset, which is freely available online, has been used. © The Editor(s) (if applicable) and The Author(s), under exclusive license to Springer Nature Switzerland AG 2021.
About the journal
Journal: Advances in Intelligent Systems and Computing
Publisher: Springer