Data Mining for Network Intrusion Detection: How to Get Started

Abstract

Recently there has been much interest in applying data mining to computer network intrusion detection. For the past two years, MITRE has been exploring how to make data mining useful in this context. This paper provides lessons learned in this task. Based upon our experiences in getting started on this type of project, we suggest data mining techniques to consider and types of expertise and infrastructure needed. This paper has two intended audiences: network security professionals with little background in data mining, and data mining experts with little background in network intrusion detection.

Document Details

Document Type
Technical Report
Publication Date
Aug 01, 2001
Accession Number
AD1133155

Entities

People

  • Alan D. Christiansen
  • Clement Skorupka
  • Eric Bloedorn
  • Jonathan Tivel
  • Lisa M. Talbot
  • William Hill

Organizations

  • MITRE Corporation

Tags

Communities of Interest

  • Cyber
  • Energy and Power Technologies
  • Materials and Manufacturing Processes
  • Sensors

DTIC Thesaurus Topics

  • Anomaly Detection
  • Artificial Intelligence
  • Change Detection
  • Computer Network Security
  • Computer Networks
  • Computer Science
  • Computers
  • Data Mining
  • Detection
  • Detectors
  • Electrical Engineering
  • Information Science
  • Intrusion Detection
  • Intrusion Detection Systems
  • Intrusion Detectors
  • Machine Learning
  • Network Science

Fields of Study

  • Computer science

Readers

  • Database Systems and Applications
  • Seismology
  • Systems Analysis and Design

Technology Areas

  • AI & ML
  • Cyber