TY - JOUR
T1 - A statistical model for network data analysis
T2 - KDD CUP 99' data evaluation and its comparing with MIT Lincoln Laboratory network data
AU - Cho, Jaeik
AU - Lee, Changhoon
AU - Cho, Sanghyun
AU - Song, Jung Hwan
AU - Lim, Jongin
AU - Moon, Jongsub
N1 - Funding Information:
This work was supported by Hanshin University Research Grant .
PY - 2010/4
Y1 - 2010/4
N2 - In network data analysis, research about how accurate the estimation model represents the universe is inevitable. As the speed of the network increases, so will the attacking methods on future generation communication network. To correspond to these wide variety of attacks, intrusion detection systems and intrusion prevention systems also need a wide variety of counter measures. As a result, an effective method to compare and analyze network data is needed. These methods are needed because when a method to compare and analyze network data is effective, the verification of intrusion detection systems and intrusion prevention systems can be trusted. In this paper, we use extractable standard protocol information of network data to compare and analyze the data of MIT Lincoln Lab with the data of KDD CUP 99 (modeled from Lincoln Lab). Correspondence Analysis and statistical analyzing method is used for comparing data.
AB - In network data analysis, research about how accurate the estimation model represents the universe is inevitable. As the speed of the network increases, so will the attacking methods on future generation communication network. To correspond to these wide variety of attacks, intrusion detection systems and intrusion prevention systems also need a wide variety of counter measures. As a result, an effective method to compare and analyze network data is needed. These methods are needed because when a method to compare and analyze network data is effective, the verification of intrusion detection systems and intrusion prevention systems can be trusted. In this paper, we use extractable standard protocol information of network data to compare and analyze the data of MIT Lincoln Lab with the data of KDD CUP 99 (modeled from Lincoln Lab). Correspondence Analysis and statistical analyzing method is used for comparing data.
KW - Data set
KW - Intrusion detection
KW - KDD CUP 99
KW - Network data modeling
KW - Network data quantification
UR - http://www.scopus.com/inward/record.url?scp=76949102098&partnerID=8YFLogxK
U2 - 10.1016/j.simpat.2009.09.003
DO - 10.1016/j.simpat.2009.09.003
M3 - Article
AN - SCOPUS:76949102098
VL - 18
SP - 431
EP - 435
JO - Simulation Modelling Practice and Theory
JF - Simulation Modelling Practice and Theory
SN - 1569-190X
IS - 4
ER -