CFP last date
17 June 2024
Reseach Article

Network Intrusion Analysis using Clementine

by Muhammad Iqbal
International Journal of Applied Information Systems
Foundation of Computer Science (FCS), NY, USA
Volume 8 - Number 3
Year of Publication: 2015
Authors: Muhammad Iqbal

Muhammad Iqbal . Network Intrusion Analysis using Clementine. International Journal of Applied Information Systems. 8, 3 ( February 2015), 1-6. DOI=10.5120/ijais15-451290

@article{ 10.5120/ijais15-451290,
author = { Muhammad Iqbal },
title = { Network Intrusion Analysis using Clementine },
journal = { International Journal of Applied Information Systems },
issue_date = { February 2015 },
volume = { 8 },
number = { 3 },
month = { February },
year = { 2015 },
issn = { 2249-0868 },
pages = { 1-6 },
numpages = {9},
url = { },
doi = { 10.5120/ijais15-451290 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
%0 Journal Article
%1 2023-07-05T18:58:30.860980+05:30
%A Muhammad Iqbal
%T Network Intrusion Analysis using Clementine
%J International Journal of Applied Information Systems
%@ 2249-0868
%V 8
%N 3
%P 1-6
%D 2015
%I Foundation of Computer Science (FCS), NY, USA

Data mining is an extensive branch of computer science which garnered enormous interest from both academic and industry circles in the last decade. In this work, I would like to present our understanding of data mining under CRISP-DM framework and the use of data mining tool called Clementine, which is widely used in the industry. This paper is basically focuses on using Clementine software to detect anomalies such as odd access time of the machines inside the network from the external machines used in the DARPA simulation by analyzing the tcpdump list file.

  1. Pete Chapman, Julian Clinton, Randy Kerber, Thomas Khabaza, Thomas Reinartz, Colin Shearer, and Rudiger Wirth. CRISP-DM 1. 0 -- Step-by-step data mining guide. The CRISPDM Consortium / SPSS Inc. , available on http: //www. crisp-dm. org, 2000
  2. Clementine 12. 0, SPSS Inc, 233 South Wacker Drive, 11th Floor, Chicago, IL 60606-6307, USA http://www. spss. com
  3. Data Mining and Predictive Analytics:Battlespace Awareness for the War on Terrorism, Colleen McCue, Ph. D.
  4. Roesch, Martin, "Snort - Lightweight Intrusion Detection for Networks", Proc. USENIX Lisa '99, Seattle: Nov. 7-12,1999.
  5. Sekar, R. , M. Bendre, D. Dhurjati, P. Bollineni, "A FastAutomaton-based Method for Detecting Anomalous ProgramBehaviors". Proceedings of the 2001 IEEE Symposium onSecurity and Privacy.
  6. Matthew V. Mahoney, "Network Traffic Anomaly Detection Based on Packet Bytes" SAC 2003, Melbourne, Florida, USA,© 2003 ACM 1-58113-624-2/03/03. . . $5. 00
  7. Lincoln Laboratory,MIT, "Introduction to evaluation," http://www. ll. mit. edu/mission/communications/ist/files/LLab-1-Intro. ppt ,1998.
  8. Ko, C. , M. Ruschitzka, and K. Levitt. "Execution Monitoring of Security-Critical Programs in aDistributed System: A Specifications-Based Approach," In Proceedings 1997 IEEE Symposium on Security and Privacy, pp. 134-144, Oakland, CA: IEEE Computer Society Press.
  9. Anderson, "Homogeneous models," in Proceedings of the USENIX Security Conference, Oct. 1999.
  10. Sun Microsystems Security Bulletin: #00140. http://sunsolve. Sun. com/pub-cgi/us/sec2html?secbull/140. 14 May, 1997.
  11. Kristopher Kendall,"A Database of Computer Attacks for the Evaluation ofIntrusion Detection Systems". PHD Thesis, Massachusetts Institute of Technology, June. 2000.
  12. Honghua Dai, "A Case Study of Classification Reliability," in Proceedings of the International Conference of Data Mining Workshops, 2008.
  13. Eric, Alan D, William, Clement, Lisa and Jonathan Tivel, "Data Mining for Network Instrusion Detection: How to Get Started" The MITRE Corporation
  14. German Florez, Susan M. Bridges and Rayford B. Vaughn, " An Improved Algorithm for Fuzzy Data Mining for Intrusion Detection", 2002
  15. MIT, http://www. ll. mit. edu/mission/communications/ist/corpora/ideval/data/1998data. html
  16. Hichem Sedjelmaci#, Sidi Mohammed Senouci*, Mohammed Feham, 2012 International Conference on Systems and Informatics (ICSAI 2012), 978-1-4673-2713 ©2012 IEEE pp 857-861
  17. S. Kumar, E. H. Spafford, "A Software architecture to support misuse intrusion detection", roceedings of the 18th National Information Security Conference, pp. 194-204, 1995.
  18. K. Ilgun, R. A. Kemmerer, P. A. Porras, "State transition analysis:A rule-based intrusion detection approach", IEEE Transactions on Software Engineering, vol. 21, no. 3, pp. 181-199, 1995.
  19. T. Lunt, A. Tamaru, F. Gilham, et al, "A Real-time Intrusion Detection Expert System (IDES) - final technical report",Technical report, Computer Science Laboratory, SRI International,Menlo Park, California, Feb. 1992.
Index Terms

Computer Science
Information Sciences


Clementine CRISP-DM framework