C4.5: programs for machine learning
C4.5: programs for machine learning
The nature of statistical learning theory
The nature of statistical learning theory
Machine Learning
The Value of Intrusion Detection Systems in Information Technology Security Architecture
Information Systems Research
Improved use of continuous attributes in C4.5
Journal of Artificial Intelligence Research
An active intrusion detection system for LAN specific attacks
AST/UCMA/ISA/ACN'10 Proceedings of the 2010 international conference on Advances in computer science and information technology
Hi-index | 0.00 |
With the prevalent of Internet, network security plays a very important role as an infrastructural foundation to establish a successful e-Commerce environment. Especially when the Internet transmission technique progresses, network attack becomes prevalent and threaten to Internet users than ever before. While many kinds of network intrusion techniques and sniffing tools are generated, ARP (Address Resolution Protocol) spoofing is one of the serious network attacks. The ARP spoofing attack seizes the defect of protocol design cheating the victims to hijack the transformation package to sniff the important information or embedding some malicious software to those victim hosts. This study aims at construct an ARP spoofing attack detection system with SNMP (Simple Network Management Protocol) traffic data mining techniques of Naïve Bayesian, Decision Tree (C4.5) and Support Vector Machine (SVM). The performance is evaluated by accuracy, missing rate, and false alarm rate. The results show that C4.5 has a best accuracy; and SVM has a very low false alarm rate of 0.7% yet has a high missing rate of 39.6%. Both C4.5 and SVM have better performance than Naïve Bayesian. Therefore, the system is expected to be of help facilitating the detection of abnormal traffic data pattern and building a more secure e-Commerce ecosystem.