A Study and Comparative Analysis of Conditional Random Fields for Intrusion Detection

Author(s): Deepa Guleria, M.K. Chavan
Published Date: July 05, 2012
Issue: Volume 2, Issue 4
Page(s): 31 - 38
DOI: 10.7815/ijorcs.24.2012.037

Keywords: intrusion detection system, conditional random fields, network security, decision tree
Citation: Deepa Guleria, M.K. Chavan, "A Study and Comparative Analysis of Conditional Random Fields for Intrusion Detection". International Journal of Research in Computer Science, 2 (4): pp. 31-38, July 2012. doi:10.7815/ijorcs.24.2012.037

Abstract

Intrusion detection systems are an important component of the defensive measures that protect computer systems and networks from abuse. Intrusion detection plays a key role in computer security and is one of the prime areas of research. Due to the complex and dynamic nature of computer networks and hacking techniques, detecting malicious activities remains a challenging task for security experts: currently available defense systems suffer from low detection capability and a high number of false alarms. An intrusion detection system must reliably detect malicious activities in a network and must perform efficiently to cope with the large amount of network traffic. In this paper we study machine learning and data mining techniques for solving intrusion detection problems within computer networks, compare the various approaches with conditional random fields, and address the two issues of accuracy and efficiency using conditional random fields and a layered approach.
