{
"title": "Mining Network Data for Intrusion Detection through Na\u00efve Bayesian with Clustering",
"authors": "Dewan Md. Farid, Nouria Harbi, Suman Ahmmed, Md. Zahidur Rahman, Chowdhury Mofizur Rahman",
"country": null,
"institution": null,
"volume": "42",
"journal": "International Journal of Computer, Electrical, Automation, Control and Information Engineering",
"pagesStart": 1053,
"pagesEnd": 1058,
"ISSN": "1307-6892",
"URL": "http:\/\/waset.org\/publications\/13376",
"abstract": "Network security attacks are violations of information security policy that have received much attention in the computational intelligence community in recent decades. Data mining has become a very useful technique for detecting network intrusions by extracting useful knowledge from large volumes of network data or logs. The na\u00efve Bayesian classifier is one of the most popular data mining algorithms for classification, and it provides an optimal way to predict the class of an unknown example. Testing has shown that one set of probabilities derived from the data is not good enough to achieve a good classification rate. In this paper, we propose a new learning algorithm for mining network logs to detect network intrusions through a na\u00efve Bayesian classifier, which first clusters the network logs into several groups based on the similarity of the logs, and then calculates the prior and conditional probabilities for each group of logs. To classify a new log, the algorithm checks which cluster the log belongs to and then uses that cluster's probability set to classify the new log. We tested the performance of our proposed algorithm on the KDD99 benchmark network intrusion detection dataset, and the experimental results proved that it improves detection rates as well as reduces false positives for different types of network intrusions.",
"references": null,
"publisher": "World Academy of Science, Engineering and Technology",
"index": "International Science Index 42, 2010"
}