An Internal Intrusion Detection and Protection
System by Using Data Mining and
Forensic Techniques
ABSTRACT
Over the past several years, the Internet environment has become more
complex and untrusted. Enterprise networked systems are inevitably exposed to the
increasing threats posed by hackers as well as malicious users internal to a
network. IDS technology is one of the important tools used nowadays to counter
such threats. Various IIDS techniques have been proposed, which identify such
threats or attacks and raise alarms for them. IIDS are an essential component of
the network to be secured. Traditional IIDS are unable to manage various newly arising
attacks. To deal with these new problems of networks, data mining based IIDS are
opening new research avenues. Data mining provides a wide range of techniques to
classify these attacks. The paper provides a study on the various data mining based
intrusion detection techniques.
In this paper, we propose a security system, named the Internal Intrusion
Detection and Protection System (IIDPS for short) at system call level, which
creates personal profiles for users to keep track of their usage habits as the forensic
features, and determines whether a legally logged-in user is the owner of the account
or not by comparing his/her current computer usage behaviors with the user’s
computer usage habits collected in the account holder’s personal profile. The
IIDPS uses a local computational grid to detect malicious behaviors in real
time. Our experimental results show that the IIDPS’s user identification
accuracy is 93%, the accuracy on detecting its internal malicious attempts is up to
99% and the response time is less than 0.45 sec., implying that it can prevent a
protected system from internal attacks effectively and efficiently.
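
The profile comparison described in the abstract can be illustrated with the added example below; it is not the paper's algorithm, which this page does not give. It assumes system-call 3-grams as the habit features, cosine similarity as the comparison, a threshold of 0.5, and constructed call traces for two hypothetical users.

```python
from collections import Counter
from math import sqrt

N = 3  # n-gram length: an assumption, the page does not state the pattern length

def ngrams(calls, n=N):
    """Sliding-window n-grams over one session's system-call sequence."""
    return [tuple(calls[i:i + n]) for i in range(len(calls) - n + 1)]

def build_profile(sessions):
    """Aggregate n-gram counts over a user's historical sessions."""
    profile = Counter()
    for calls in sessions:
        profile.update(ngrams(calls))
    return profile

def cosine(a, b):
    """Cosine similarity between two sparse n-gram count vectors."""
    dot = sum(a[k] * b[k] for k in a.keys() & b.keys())
    na = sqrt(sum(v * v for v in a.values()))
    nb = sqrt(sum(v * v for v in b.values()))
    return dot / (na * nb) if na and nb else 0.0

def check_session(account, calls, profiles, threshold=0.5):
    """Compare a live session with every profile.

    Returns (best_matching_user, similarity_to_account_owner, suspicious).
    A session is suspicious when another user's habits fit better than the
    owner's, or when it fits the owner's profile too poorly.
    """
    current = Counter(ngrams(calls))
    scores = {user: cosine(current, p) for user, p in profiles.items()}
    best = max(scores, key=scores.get)
    owner_score = scores[account]
    return best, owner_score, best != account or owner_score < threshold

# Constructed sample traces (not real data): alice edits files, bob uses sockets.
HISTORY = {
    "alice": [["open", "read", "write", "close"] * 3,
              ["stat", "open", "read", "close"] * 2],
    "bob": [["socket", "connect", "send", "recv", "close"] * 3],
}
PROFILES = {user: build_profile(s) for user, s in HISTORY.items()}

if __name__ == "__main__":
    normal = ["open", "read", "write", "close"] * 2
    odd = ["socket", "connect", "send", "recv", "close", "socket", "connect", "send"]
    print(check_session("alice", normal, PROFILES))
    print(check_session("alice", odd, PROFILES))
```
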