In this paper we will implement a software component for filtering rough network traffic to extract TCP traffic, and process it into structured connection records using data mining techniques to build a training data set; consisting of multi features items and usable in detecting some types of DOS (Denial of service) attacks like SynFlood attack; when the destination is flooded by connection requests via spoofed IP addresses within a small time window. This data set would be formatted with ARFF format and used in evaluating some classification algorithms implemented in WEKA machine learning framework to extract the best detection model for the purpose of improving the efficiency of network intrusion detection within audit trails.
Copyright © 2015 Praise Worthy Prize - All rights reserved.

Lee, W &Stolfo, S.J, (2000)- Data Mining Approaches for Intrusion Detection. Computer Science Department, Columbia University, New York.

Raju,P.N,(2005)- State-of-the-art Intrusion Detection:Technologies, Challenges, and Evaluation. Information theory Divison, Dept of Electrical Engineering, Linkoping University, 86 P.

Rehman, R, (2003) Pearson Education, Inc-Intrusion Detection System s with Snort. Publishing as Prentice Hall PTR- Upper Saddle River, New Jersey 07458- Printed in the United States of America 1st Printing, 275P.

Lazarević, A &Srivastava, J and Kumar, V,(2003) - Data Mining for Intrusion Detection. Army High Performance Computing Research Center, University of Minnesota, (Tutorial on the Pacific-Asia Conference on Knowledge Discovery in Databases).

Nguyen, H.A & Choi, D, (2008) - Application of Data Mining to Network Intrusion Detection: Classifier Selection Model. Chonnam National University, Computer Science Department, 300 Yongbong-dong, Buk-ku, Gwangju 500-757, Korea.

Shafi, K & Abbass, H.A & Zhu, W,(2009) - A Methodology to Evaluate Supervised Learning Algorithms for Intrusion Detection. School of Engineering and Information Technology (SEIT), Canberra ACT 2600, Australia.

Benferhat ,S &Sedki ,K and Tabia, K, (2007)-preprocessing rough network traffic for intrusion detection purposes. cril-cnrsfre, Université d'Artois, Faculté des Sciences Jean Perrin, Rue Jean Souvraz, France.

Lee, W, (1999) - A Data Mining Framework for Constructing Features and Models for Intrusion Detection Systems, PhD thesis, Columbia University.

Singh, G &Masseglia, F &Fiot, C & Marascu, A and Poncelet, P, (2004)- Mining Common Outliers for Intrusion Detection. (INRIA), Sophia Antipolis, France.
http://dx.doi.org/10.1007/978-3-642-00580-0_13

Cunningham, R. K. & Lippmann, R. P. & Fried, D. J. & Garfinkel, S. L. & Graf, I & Kendall, K. R. & Webster, S. E. & Wyschogrod, D and Zissman, M. A, (1999)- Evaluating Intrusion Detection Systems without Attacking your Friends: The 1998 DARPA Intrusion Detection Evaluation. Massachusetts inst. of tech Lexington Lincoln lab.
http://dx.doi.org/10.1109/discex.2000.821506

Lee, W &Stolfo, S.J and Mok, K.W, (2000) -A Data Mining Framework for Building Intrusion Detection Models. Computer Science Department, Columbia University, New York.

Tavallaee, M & Bagheri, E & Lu, W and Ghorbani, A.A,(2009)-ADetailed Analysis of the KDDCUP99 Data Set. University of New Brunswick, Fredericton, NB, Canada &Institute for Information Technology, National Research Council Canada.(proocedings of the 2009 IEEE Symposium on Comp-utational Intelligence in Security and Defence Applications(CISDA).

Engage Packet Builder software, available on:

http://www.engagesecurity.com.

Weka – Data Mining Machine Learning Software, available on:

http://www.cs.waikato.ac.nz/ml/weka/.

Bouckaert, R & Frank, E & Hall, M &Kirkby, R &Reutemann, P &Seewald, A and Scuse,D,(2012) - WEKA Manual for Version 3-6-8. University of waikato, 303P.

Enshaei, M., Hanapi, Z.M., Othman, M., A review: Mobile Ad Hoc networks challenges, attacks, security, vulnerability and routing protocols, (2014) International Journal on Communications Antenna and Propagation (IRECAP), 4 (5), pp. 168-179.
http://dx.doi.org/10.15866/irecap.v4i5.3001