A New Association Rule Mining based on Coverage and Exclusion for Network Intrusion Detection

kimtaeyeon (김태연); KyungHyun Han (한경현); Seong Oun Hwang (황성운)

doi:10.20465/KIOTS.2023.9.1.077

A New Association Rule Mining based on Coverage and Exclusion for Network Intrusion Detection

Journal of Internet of Things and Convergence
Abbr : JKIOTS
2023, 9(1), pp.77-87
DOI : 10.20465/KIOTS.2023.9.1.077
Publisher : The Korea Internet of Things Society
Research Area : Engineering > Computer Science > Internet Information Processing
Received : November 6, 2022
Accepted : December 18, 2022
Published : February 28, 2023

kimtaeyeon ¹, KyungHyun Han ², Seong Oun Hwang ¹

¹가천대학교
²홍익대학교(세종캠퍼스)

Accredited

ABSTRACT

Applying various association rule mining algorithms to the network intrusion detection task involves two critical issues: too large size of generated rule set which is hard to be utilized for IoT systems and hardness of control of false negative/positive rates. In this research, we propose an association rule mining algorithm based on the newly defined measures called coverage and exclusion. Coverage shows how frequently a pattern is discovered among the transactions of a class and exclusion does how frequently a pattern is not discovered in the transactions of the other classes. We compare our algorithm experimentally with the Apriori algorithm which is the most famous algorithm using the public dataset called KDDcup99. Compared to Apriori, the proposed algorithm reduces the resulting rule set size by up to 93.2 percent while keeping accuracy completely. The proposed algorithm also controls perfectly the false negative/positive rates of the generated rules by parameters. Therefore, network analysts can effectively apply the proposed association rule mining to the network intrusion detection task by solving two issues.

KEYWORDS

Network Intrusion Detection, Association Rule Mining, Measure

Citation status

* References for papers published after 2023 are currently being built.

[journal] A. S. Sadh / 2013 / Association Rules Optimization : A Survey / Int. J. of Advanced Comput. Res 3(1) : 111~115

[journal] G. J. Simon / 2015 / Extending Association Rule Summarization Techniques to Assess Risk of Diabetes Mellitus / IEEE Trans. Knowl. Data Eng 27(1) : 130~141

[journal] I. F. Videla-Cavieres / 2014 / Extending market basket analysis with graph mining techniques : A real case / Expert Syst. Appl 41(4) : 1928~1936

[journal] A. C. Squicciarini / 2015 / Privacy Policy Inference of User-Uploaded Images on Content Sharing Sites / IEEE Trans. Knowl. Data Eng 27(1) : 193~206

[journal] 이근호 / 2019 / A Scheme on Anomaly Prevention for Systems in IoT Environment / 사물인터넷융복합논문지 / 한국사물인터넷학회 5(2) : 95~101

[journal] I. H. Sarker / 2022 / Internet of things(iot)security intelligence : a comprehensive overview, machine learning solutions and research directions / Mobile Networks and Applications : 1~17

[book] D. Sellappan / 2020 / Handbook of Research on Intelligent Data Processing and Information Security Systems : 1~24

[book] L. Ertoz / 2004 / Next Generation Data Mining / MIT Press

[confproc] C. Miao / 2010 / A Study of Intrusion Detection System Based on Data Mining / 2010 IEEE Int. Conf. on Inform. Theory and Inform. Security : 186~189

[journal] N. Khamphakdee / 2015 / Improving Intrusion Detection System Based on Snort Rules for Network Probe Attacks Detection with Association Rules Technique of Data Mining / J. ICT Res. Appl 8(3) : 234~250

[confproc] R. Agrawal / 1994 / Fast Algorithms for Mining Association Rules / Proc. 20th VLDB Conf 1215 : 487~499

[journal] J. Han / 2000 / Mining Frequent Patterns without Candidate Generation / ACM Sigmod Rec 29(2) : 1~12

[journal] A. Y. R. Gonzalez / 2013 / Mining frequent patterns and association rules using similarities / Expert Syst. Appl 40 : 6823~6836

[journal] R. Agrawal / 1993 / Mining association rules between sets of items in large databases / ACM Sigmod Rec 22(2) : 207~216

[journal] M. Hahsler / 2007 / New Probabilistic Interest Measures for Association Rules / Intelligent Data Anal 11(5) : 437~455

[journal] F. Benites / 2014 / Evaluation of Hierarchical Interestingness Measures for Mining Pairwise Generalized Association Rules / IEEE Trans. Knowl. Data Eng 26(12) : 3012~3025

[web] University of California, Irvine / KDD Cup 1999 Data / https://kdd.ics.uci.edu/databases/kddcup99/kddcup99.html

[web] University of New Brunswick / The NSL-KDD Data Set / https://web.archive.org/web/20150205070216/http://nsl.cs.unb.ca/NSL-KDD/

KJCKorea
Journal Central

Journal of Internet of Things and Convergence 2023 KCI Impact Factor : 0.89

A New Association Rule Mining based on Coverage and Exclusion for Network Intrusion Detection

ABSTRACT

KEYWORDS

Citation status

* References for papers published after 2023 are currently being built.

Journal of Internet of Things and Convergence 2023 KCI Impact Factor : 0.89

A New Association Rule Mining based on Coverage and Exclusion for Network Intrusion Detection

ABSTRACT

KEYWORDS

Statistics

Tools

Issue List

Citation status

KCI Citation Counts (1)

REFERENCES (18) * References for papers published after 2023 are currently being built.

Search PDF

Citation

* References for papers published after 2023 are currently being built.