Using Serial Episode Mining to Identify Internet Attacks

Abstract:

An intrusion is a series of related actions carried out against a victim, in some sequence, over the Internet. In this paper, serial episode mining is first applied to find all possible sophisticated Internet attacks, and an episode pruning technique is then applied to cut unnecessary ones and reduce the administrator's further effort. The input data, log files from a honeypot system, are treated as a sequence of events, where each event has an associated time of occurrence. The method proposed in this paper can be used to detect abnormal Internet episodes, including unknown attacks. Experiments were conducted to show the effectiveness of the proposed method.

Pages: 988-991

Online since: May 2015

Copyright: © 2015 Trans Tech Publications Ltd. All Rights Reserved
