A detailed analysis of the KDD CUP 99 data set

Tavallaee, Mahbod; Bagheri, Ebrahim; Lu, Wei; Ghorbani, Ali A.

doi:10.1109/cisda.2009.5356528

Cited by 3,426 publications

(1,943 citation statements)

References 13 publications

Supporting

Mentioning

1,905

Contrasting

Unclassified

Order By: Relevance

“…Although the dataset is not without criticism [20], it is the only public dataset with labeled attack samples. Moreover, many research works have been evaluated using this dataset as well.…”

Section: Experimental Results and Analysismentioning

confidence: 99%

Multivariate Correlation Analysis Technique Based on Euclidean Distance Map for Network Traffic Characterization

Tan

Jamdagni

et al. 2011

Information and Communications Security

View full text Add to dashboard Cite

Abstract. The quality of feature has significant impact on the performance of detection techniques used for Denial-of-Service (DoS) attack. The features that fail to provide accurate characterization for network traffic records make the techniques suffer from low accuracy in detection. Although researches have been conducted and attempted to overcome this problem, there are some constraints in these works. In this paper, we propose a technique based on Euclidean Distance Map (EDM) for optimal feature extraction. The proposed technique runs analysis on original feature space (first-order statistics) and extracts the multivariate correlations between the first-order statistics. The extracted multivariate correlations, namely second-order statistics, preserve significant discriminative information for accurate characterizations of network traffic records, and these multivariate correlations can be the high-quality potential features for DoS attack detection. The effectiveness of the proposed technique is evaluated using KDD CUP 99 dataset and experimental analysis shows encouraging results.

show abstract

Section: Experimental Results and Analysismentioning

confidence: 99%

Multivariate Correlation Analysis Technique Based on Euclidean Distance Map for Network Traffic Characterization

Tan

Jamdagni

et al. 2011

Information and Communications Security

View full text Add to dashboard Cite

show abstract

“…To supplement a real but undisclosed log data set, we used the popular KDD Cup 99 data (Bache and Lichman, 2013). The data set does have many problems and limitations, e.g., the data is completely artificial and synthetic and might not represent real network traffic, and there are many redundant records which is problematic for machine learning algorithms (Tavallaee et al, 2009). On the other hand, the data set is widely used and is useful for comparisons.…”

Section: New Unpublished Resultsmentioning

confidence: 99%

Growing Hierarchical Self-organizing Maps and Statistical Distribution Models for Online Detection of Web Attacks

Zolotukhin

Hämäläinen

Juvonen

2013

Lecture Notes in Business Information Processing

View full text Add to dashboard Cite

“…Although we know that there are a couple of discussions about using KDD99 data as evaluation data [9], for now it is the only candidate for using network intrusion evaluation data.…”

Section: B Evaluation Datamentioning

confidence: 99%

Evaluation of Machine Learning Method for Intrusion Detection System on Jubatus

Ogino¹

2015

IJMLC

View full text Add to dashboard Cite

Abstract-The network intrusion is becoming a big threat for a lot of companies, organization and so on. Recent intrusions are becoming more clever and difficult to detect. Many of today's intrusion detection systems are based on signature-based. They have good performance for known attacks, but theoretically they are not able to detect unknown attacks. On the other hand, an anomaly detection system can detect unknown attacks and is getting focus recently. We study an anomaly detection system as one application area of machine learning technology. In this paper, we study the effectiveness and the performance experiments of one of the major anomaly detection scales, LOF, on distributed online machine learning framework, Jubatus. After basic experiment, we propose a new machine learning method and show our new method has a better performance than the original method.

show abstract

A detailed analysis of the KDD CUP 99 data set

Cited by 3,426 publications

References 13 publications

Multivariate Correlation Analysis Technique Based on Euclidean Distance Map for Network Traffic Characterization

Multivariate Correlation Analysis Technique Based on Euclidean Distance Map for Network Traffic Characterization

Growing Hierarchical Self-organizing Maps and Statistical Distribution Models for Online Detection of Web Attacks

Evaluation of Machine Learning Method for Intrusion Detection System on Jubatus

Contact Info

Product

Resources

About