data-mining apriori intrusion-detection

Attack Signature creation using KDD dataset


I need to create attack signatures for signature-based intrusion detection using the KDD data set. Is it possible to use Apriori (or any association rule learning algorithm) for this task? If not, please suggest an alternative method.


Solution

  • Sure, you can use association rules to create attack signatures. I guess even frequent itemsets would be sufficient: extract the common attributes of known attacks and from them create frequent itemsets to detect an upcoming attack. From those frequent itemsets you can extract association rules. Those would be handy insofar as one could predict, i.e., the next step of a current attack.
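The approach in the answer above, as an added example that is not part of the original post: Apriori mines itemsets that are frequent among records of one attack label, and an itemset is kept as a signature only if the rule "itemset -> label" holds with enough confidence over all records. The records are constructed samples that borrow KDD Cup 99 feature names; the function names and thresholds are assumptions.

```python
from itertools import combinations

# Constructed sample records (KDD Cup 99 feature names, not real dataset rows).
RECORDS = [
    ({"protocol_type=tcp", "service=private", "flag=S0"}, "neptune"),
    ({"protocol_type=tcp", "service=private", "flag=S0"}, "neptune"),
    ({"protocol_type=tcp", "service=http", "flag=S0"}, "neptune"),
    ({"protocol_type=tcp", "service=http", "flag=SF"}, "normal"),
    ({"protocol_type=tcp", "service=smtp", "flag=SF"}, "normal"),
    ({"protocol_type=icmp", "service=ecr_i", "flag=SF"}, "smurf"),
    ({"protocol_type=icmp", "service=ecr_i", "flag=SF"}, "smurf"),
    ({"protocol_type=udp", "service=domain_u", "flag=SF"}, "normal"),
]

def apriori(transactions, min_support):
    """Return {itemset: support} for every itemset with support >= min_support."""
    n = len(transactions)
    level = {frozenset([item]) for t in transactions for item in t}
    frequent, k = {}, 1
    while level:
        kept = {}
        for cand in level:
            support = sum(cand <= t for t in transactions) / n
            if support >= min_support:
                kept[cand] = support
        frequent.update(kept)
        k += 1
        # Join: merge frequent (k-1)-itemsets into k-itemsets.
        level = {a | b for a in kept for b in kept if len(a | b) == k}
        # Prune: every (k-1)-subset of a candidate must itself be frequent.
        level = {c for c in level
                 if all(frozenset(sub) in kept for sub in combinations(c, k - 1))}
    return frequent

def signatures(records, label, min_support=0.6, min_confidence=1.0):
    """Itemsets frequent within `label` records that also predict `label`
    with at least min_confidence when matched against all records."""
    attack = [frozenset(feats) for feats, lab in records if lab == label]
    result = {}
    for itemset in apriori(attack, min_support):
        matched = [lab for feats, lab in records if itemset <= feats]
        confidence = matched.count(label) / len(matched)
        if confidence >= min_confidence:
            result[itemset] = confidence
    return result

if __name__ == "__main__":
    for itemset, conf in signatures(RECORDS, "neptune").items():
        print(sorted(itemset), "-> neptune", conf)
```

The confidence filter is what keeps an itemset such as `protocol_type=tcp` from becoming a signature: it is frequent in the attack records but also matches normal traffic.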