A Review of Data Mining Based Intrusion Detection Techniques
Traditional Data Mining techniques operate on structured data such as corporate databases; this has been an active area of research for many years. Intrusion detection is the process of monitoring and analyzing the events occurring in a computer system in order to detect signs of security problems. Intrusion detection is an area growing in relevance as more and more sensitive data are stored and processed in networked systems. An Intrusion Detection System (IDS) monitors networked devices and looks for anomalous or malicious behavior in the patterns of activity in the audit stream. A comprehensive ID requires a significant amount of human expertise and time for development. Data mining-based IDSs require less expert knowledge yet provide good performance.