Google scholar arxiv informatics ads IJAIS publications are indexed with Google Scholar, NASA ADS, Informatics et. al.

Call for Paper


August Edition 2021

International Journal of Applied Information Systems solicits high quality original research papers for the August 2021 Edition of the journal. The last date of research paper submission is July 15, 2021.

Network Intrusion Analysis using Clementine

Muhammad Iqbal Published in Security

International Journal of Applied Information Systems
Year of Publication: 2015
© 2013 by IJAIS Journal
Authors Muhammad Iqbal
Download full text
  1. Muhammad Iqbal. Article: Network Intrusion Analysis using Clementine. International Journal of Applied Information Systems 8(3):1-6, February 2015. BibTeX

    	author = "Muhammad Iqbal",
    	title = "Article: Network Intrusion Analysis using Clementine",
    	journal = "International Journal of Applied Information Systems",
    	year = 2015,
    	volume = 8,
    	number = 3,
    	pages = "1-6",
    	month = "February",
    	note = "Published by Foundation of Computer Science, New York, USA"


Data mining is an extensive branch of computer science which garnered enormous interest from both academic and industry circles in the last decade. In this work, I would like to present our understanding of data mining under CRISP-DM framework and the use of data mining tool called Clementine, which is widely used in the industry. This paper is basically focuses on using Clementine software to detect anomalies such as odd access time of the machines inside the network from the external machines used in the DARPA simulation by analyzing the tcpdump list file.


  1. Pete Chapman, Julian Clinton, Randy Kerber, Thomas Khabaza, Thomas Reinartz, Colin Shearer, and Rudiger Wirth. CRISP-DM 1. 0 -- Step-by-step data mining guide. The CRISPDM Consortium / SPSS Inc. , available on http: //www. crisp-dm. org, 2000
  2. Clementine 12. 0, SPSS Inc, 233 South Wacker Drive, 11th Floor, Chicago, IL 60606-6307, USA http://www. spss. com
  3. Data Mining and Predictive Analytics:Battlespace Awareness for the War on Terrorism, Colleen McCue, Ph. D.
  4. Roesch, Martin, "Snort - Lightweight Intrusion Detection for Networks", Proc. USENIX Lisa '99, Seattle: Nov. 7-12,1999.
  5. Sekar, R. , M. Bendre, D. Dhurjati, P. Bollineni, "A FastAutomaton-based Method for Detecting Anomalous ProgramBehaviors". Proceedings of the 2001 IEEE Symposium onSecurity and Privacy.
  6. Matthew V. Mahoney, "Network Traffic Anomaly Detection Based on Packet Bytes" SAC 2003, Melbourne, Florida, USA,© 2003 ACM 1-58113-624-2/03/03. . . $5. 00
  7. Lincoln Laboratory,MIT, "Introduction to evaluation," http://www. ll. mit. edu/mission/communications/ist/files/LLab-1-Intro. ppt ,1998.
  8. Ko, C. , M. Ruschitzka, and K. Levitt. "Execution Monitoring of Security-Critical Programs in aDistributed System: A Specifications-Based Approach," In Proceedings 1997 IEEE Symposium on Security and Privacy, pp. 134-144, Oakland, CA: IEEE Computer Society Press.
  9. Anderson, "Homogeneous models," in Proceedings of the USENIX Security Conference, Oct. 1999.
  10. Sun Microsystems Security Bulletin: #00140. http://sunsolve. Sun. com/pub-cgi/us/sec2html?secbull/140. 14 May, 1997.
  11. Kristopher Kendall,"A Database of Computer Attacks for the Evaluation ofIntrusion Detection Systems". PHD Thesis, Massachusetts Institute of Technology, June. 2000.
  12. Honghua Dai, "A Case Study of Classification Reliability," in Proceedings of the International Conference of Data Mining Workshops, 2008.
  13. Eric, Alan D, William, Clement, Lisa and Jonathan Tivel, "Data Mining for Network Instrusion Detection: How to Get Started" The MITRE Corporation
  14. German Florez, Susan M. Bridges and Rayford B. Vaughn, " An Improved Algorithm for Fuzzy Data Mining for Intrusion Detection", 2002
  15. MIT, http://www. ll. mit. edu/mission/communications/ist/corpora/ideval/data/1998data. html
  16. Hichem Sedjelmaci#, Sidi Mohammed Senouci*, Mohammed Feham, 2012 International Conference on Systems and Informatics (ICSAI 2012), 978-1-4673-2713 ©2012 IEEE pp 857-861
  17. S. Kumar, E. H. Spafford, "A Software architecture to support misuse intrusion detection", roceedings of the 18th National Information Security Conference, pp. 194-204, 1995.
  18. K. Ilgun, R. A. Kemmerer, P. A. Porras, "State transition analysis:A rule-based intrusion detection approach", IEEE Transactions on Software Engineering, vol. 21, no. 3, pp. 181-199, 1995.
  19. T. Lunt, A. Tamaru, F. Gilham, et al, "A Real-time Intrusion Detection Expert System (IDES) - final technical report",Technical report, Computer Science Laboratory, SRI International,Menlo Park, California, Feb. 1992.


Clementine, CRISP-DM framework