MITRE - Our Work - Technical Papers - 2001 - Data Mining for Network Intrusion Detection: How to Get Started

	Overview
	Acquisition and Systems Analysis
	Airspace Development, Safety, Security
	Command and Control
	Cybersecurity
	Emerging Technologies
	Enterprise Systems Engineering
	Global Networking
	Healthcare Transformation
	Homeland Security
	Intelligence, Surveillance, Reconnaissance
	Large-Scale Enterprise Transformation
	MITRE Research Program
	Technology Transfer Office
	Technical Papers

Home > Our Work > Technical Papers >

Data Mining for Network Intrusion Detection: How to Get Started

August 2001

Eric Bloedorn, The MITRE Corporation
Alan D. Christiansen, The MITRE Corporation
William Hill, The MITRE Corporation
Clement Skorupka, The MITRE Corporation
Lisa M. Talbot, The MITRE Corporation
Jonathan Tivel, The MITRE Corporation

ABSTRACT

Recently there has been much interest in applying data mining to computer network intrusion detection. For the past two years, MITRE has been exploring how to make data mining useful in this context. This paper provides lessons learned in this task. Based upon our experiences in getting started on this type of project, we suggest data mining techniques to consider and types of expertise and infrastructure needed. This paper has two intended audiences: network security professionals with little background in data mining, and data mining experts with little background in network intrusion detection.

» Download Paper [PDF, 45KB]

Additional Search Keywords

data mining, intrusion detection, computer network security

Page last updated: August 27, 2001 | Top of page

	Serving as Architects of Information Advantage.™ Copyright © 1997-2008, The MITRE Corporation. All rights reserved. MITRE is a registered trademark of The MITRE Corporation. Material on this site may be copied and distributed with permission only.
	Privacy Policy \| Contact Us