Network intrusion detection includes a set of malicious actions that compromise the integrity, confidentiality and availability of information resources. Several techniques for mining rules from KDD intrusion detection dataset  enables to identify attacks in the network. But little research has been done to determine the association patterns that exist between the attributes in the dataset. This paper focuses on the association rule mining in KDD intrusion dataset. Since the dataset constitutes different kinds of data like binary, discrete & continuous data, same technique cannot be applied to determine the association patterns. Hence, this paper uses varying techniques for each type of data. The proposed method is used to generate attack rules that will detect the attacks in network audit data using anomaly detection. Rules are formed depending upon various attack types. For binary data, Apriori approach is used to eliminate the non-frequent item set from the rules and for discrete and continuous value the proposed techniques are used. The paper concludes with experimental results.
DAS, ASIM and SATHYA, S. SIVA
"ASSOCIATION RULE MINING FOR KDD INTRUSION DETECTION DATA SET,"
International Journal of Computer Science and Informatics: Vol. 3:
2, Article 13.
Available at: https://www.interscience.in/ijcsi/vol3/iss2/13