Sciweavers

CSREASAM
2003

KDD Feature Set Complaint Heuristic Rules for R2L Attack Detection

Automated rule induction procedures like machine learning and statistical techniques result in rules that lack generalization and maintainability. Developing rules manually through incorporation of attack signatures results in meaningful but weak rules as it is difficult to define thresholds. This paper utilizes a hybrid procedure for developing rules by combining signature analysis with automated techniques to improve readability, comprehensibility, and maintainability of rules. Through the proposed rule-formulation technique, heuristic rules were developed for two remote-to-local (R2L) attacks using the KDD intrusion detection features and dataset. Empirical results show that high detection rates with low false alarms are observed for the warezmaster and warezclient attacks in the KDD data set. The utilized technique also highlighted a mislabeling problem in the KDD dataset for the two R2L attacks considered.
Maheshkumar Sabhnani, Gürsel Serpen
Added 31 Oct 2010
Updated 31 Oct 2010
Type Conference
Year 2003
Where CSREASAM