Towards the Speed Enhancement of Association Rule Mining Algorithm for Intrusion Detection System

  • Conference paper
Innovations in Bio-Inspired Computing and Applications (IBICA 2019)

Part of the book series: Advances in Intelligent Systems and Computing (AISC, volume 1180)

Abstract

An intrusion detection system is a device or software application that monitors network traffic data for suspicious activity and alerts the system administrator to any malicious activity or network policy violation that has occurred. Among the several techniques proposed for anomaly detection in network audit data, data mining techniques are used for efficient analysis of that data to detect abnormalities caused by specific types of attacks. The association rule mining algorithm, an unsupervised data mining algorithm, has been applied to the analysis of network audit data for detecting anomalies. Due to the rapid increase of internet-based services, cyber security has become a challenging problem. In this paper, a framework using an association rule mining algorithm is proposed for detecting suspicious activity in network traffic data. Further, to increase the processing speed for large network traffic data, the big data processing tool Apache Spark has been used. Among the several association rule mining algorithms, the FP-growth algorithm has been used to generate attack rules that detect malicious attacks in network audit data. For the experiment, the Kyoto dataset, which is freely available online, has been used.
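The idea in the abstract, mining frequent itemsets from labelled connection records and keeping the rules whose consequent is the attack label, is shown here as an added example that is not the paper's code. It uses a plain in-memory pattern-growth recursion over projected transaction lists (the divide-and-conquer step behind FP-growth, without the compressed FP-tree or Spark); the records, field names and thresholds are constructed assumptions.

```python
from collections import Counter

# Constructed sample: each record is a set of "field=value" items plus a label.
# Field names and values are assumptions, not rows from the Kyoto dataset.
RECORDS = [
    {"service=ssh", "flag=S0", "dst_port=22", "label=attack"},
    {"service=ssh", "flag=S0", "dst_port=22", "label=attack"},
    {"service=ssh", "flag=SF", "dst_port=22", "label=normal"},
    {"service=http", "flag=SF", "dst_port=80", "label=normal"},
    {"service=http", "flag=SF", "dst_port=80", "label=normal"},
    {"service=http", "flag=S0", "dst_port=80", "label=attack"},
    {"service=dns", "flag=SF", "dst_port=53", "label=normal"},
    {"service=ssh", "flag=S0", "dst_port=22", "label=attack"},
]

def frequent_itemsets(transactions, min_count, suffix=frozenset()):
    """Pattern growth: count items, then recurse on each item's projected database."""
    counts = Counter(item for t in transactions for item in t)
    order = sorted(i for i, c in counts.items() if c >= min_count)
    found = {}
    for idx, item in enumerate(order):
        itemset = suffix | {item}
        found[itemset] = counts[item]  # support count of suffix + item
        # Conditional database: transactions containing `item`, restricted to
        # items earlier in the order, so each itemset is generated exactly once.
        allowed = set(order[:idx])
        projected = [t & allowed for t in transactions if item in t]
        found.update(frequent_itemsets(projected, min_count, itemset))
    return found

def attack_rules(records, min_support=0.25, min_confidence=0.9, label="label=attack"):
    """Return (antecedent, support, confidence) for rules antecedent -> attack label."""
    n = len(records)
    sets = frequent_itemsets([frozenset(r) for r in records], min_support * n)
    rules = []
    for itemset, count in sets.items():
        antecedent = itemset - {label}
        if label in itemset and antecedent:
            conf = count / sets[antecedent]  # every subset of a frequent set is frequent
            if conf >= min_confidence:
                rules.append((tuple(sorted(antecedent)), count / n, conf))
    return sorted(rules, key=lambda r: (-r[2], -r[1], r[0]))

if __name__ == "__main__":
    for antecedent, support, conf in attack_rules(RECORDS):
        print(f"{' & '.join(antecedent)} -> attack  support={support:.3f} confidence={conf:.2f}")
```

Rules such as `service=ssh -> attack` (confidence 0.75 on this sample) fall below the confidence threshold and are dropped, which is what keeps benign-heavy features from becoming alert rules.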

Author information

Corresponding author

Correspondence to Sarbani Dasgupta.

Copyright information

© 2021 The Editor(s) (if applicable) and The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Cite this paper

Dasgupta, S., Saha, B. (2021). Towards the Speed Enhancement of Association Rule Mining Algorithm for Intrusion Detection System. In: Abraham, A., Panda, M., Pradhan, S., Garcia-Hernandez, L., Ma, K. (eds) Innovations in Bio-Inspired Computing and Applications. IBICA 2019. Advances in Intelligent Systems and Computing, vol 1180. Springer, Cham. https://doi.org/10.1007/978-3-030-49339-4_1
