Intrusion Detection Through Rule Induction Analysis
Intrusion detection is the process of monitoring the events occurring in a computer system or network and analyzing them for signs of intrusions. In this paper, the authors present intrusion detection by means of rule induction analysis. Specifically, rule induction analysis is used to generate signatures from the Knowledge Discovery Databases (KDD) Cup 1999 testing data set and to find a set of rules that satisfy some predefined criteria. The results show that this kind of intrusion detection not only achieves an extremely high detection rate (99.99%) but also yields a very low false positive rate (1.65%).