A statistical model for network data analysis: KDD CUP 99' data evaluation and its comparing with MIT Lincoln Laboratory network data

In network data analysis, research about how accurate the estimation model represents the universe is inevitable. As the speed of the network increases, so will the attacking methods on future generation communication network. To correspond to these wide variety of attacks, intrusion detection systems and intrusion prevention systems also need a wide variety of counter measures. As a result, an effective method to compare and analyze network data is needed. These methods are needed because when a method to compare and analyze network data is effective, the verification of intrusion detection systems and intrusion prevention systems can be trusted. In this paper, we use extractable standard protocol information of network data to compare and analyze the data of MIT Lincoln Lab with the data of KDD CUP 99 (modeled from Lincoln Lab). Correspondence Analysis and statistical analyzing method is used for comparing data. (C) 2009 Published by Elsevier B.V.