The Integration of SNORT with K-Means Clustering Algorithm to Detect New Attack
|
|
- Madeleine Pitts
- 8 years ago
- Views:
Transcription
1 The Integration of SNORT with K-Means Clustering Algorithm to Detect New Attack Asnita Hashim, University of Technology MARA, Malaysia April 14-15, 2011
2 The Integration of SNORT with K-Means Clustering Algorithm to Detect New Attack Problem Statement Objective Related works Project Architecture Results Conclusion
3 Problem Statement Limitation of signature-based IDS is failure to identify novel attacks, and sometimes even minor variations of known patterns (Laskov, 2007). Anomaly detection has an advantage over signature-based detection in that a new attack for which a signature does not exist can be detected if it falls out of the normal traffic patterns. Limitation of anomaly detection is it suffer high false detection rate. Therefore there is a need to combine both algorithms which is signature based and anomaly based in order to improve the detection of new malicious packet and reduce excessive false alarm rate (rthcutt, 2010) PAGE 3
4 Objective To integrate Snort with K-means clustering algorithm in order to improve the detection of new malicious packet and reduce excessive false alarm rate. PAGE 4
5 IDS Techniques Signature based Anomaly based Anomaly Statistical based Snort Knowledge based Machine learning based Bayesian Network Markov Model Genetic Algorithm Neural Network Clustering Algorithm Fuzzy Logic K-means Algorithm PAGE 5
6 Related works Title and Author Hybrid Intrusion Detection with Weighted Signature Generation over Anomalous Internet Episode (Hwang et al, 2007) Network-based hybrid IDS and honeysystems as Active Reaction Schemes (Teodoro et al, 2007) Research and Implementation on Snort-based Hybrid Intrusion Detection System (Ding et al, 2009) A Hybrid Intrusion Detection System Design for Computer Network Security (Aydin et al, 2009) Design of A Snort-based hybrid Intrusion Detection System (Gomez et al, 2009) Contribution Developed a weighted signature generation scheme to integrate anomaly detection system(ads) with Snort by extracting signatures from anomalies detected. Proposed Markov model, an anomaly-based detection combined with Snort, a signaturebased one, thus producing in a hybrid detection system Combination of SNORT and ADS used was called the frequency episode rule algorithm. Developed the hybrid IDS by combining packet header anomaly detection (PHAD) and network traffic anomaly detection (NETAD) which are anomaly-based IDSs with the misuse-based IDS Snort. Presents a new anomaly pre-processor using statistical-based algorithm that extends the functionality of Snort IDS, making it a hybrid IDS. PAGE 6
7 Algorithm in Clustering Algorithm K-Means Algorithm Start Number of cluster K _ Centroid Distance object to centroids object move group + End Grouping based on minimum distance PAGE 7
8 Process flow diagram Start Input: Network Packet Signature-based Snort (Signature Detection) Attack? Packet Drop Anomaly-based NO Perform K-means Clustering algorithm Detect attack Output: Create New Rule NO End PAGE 8
9 Cluster process for network Packet Input: rmal Packet from Snort Anomaly-based Perform K-means Algorithm Analysis Result Smallest Cluster Analysis based on this cluster, which contains the smallest number of packet to determine whether it is normal or not Output : new attack PAGE 9
10 Experiment Experiment Name Number of cluster Experiment-1 5 Experiment-2 9 Experiment-3 13 Experiment-4 17 Experiment-5 21 Experiment-6 25 PAGE 10
11 Results Experiment Name Experiment-1 (.of cluster = 5) Experiment-2 (.of cluster = 9) Experiment-3 (.of cluster = 13) Experiment-4 (.of cluster = 17) Experiment-5 (.of cluster = 21) Experiment-6 (.of cluster = 25) Cluster no. with smallest no. of packet Packet Series. False alarm True alarm 0 (2 packets) (1 packet) (1 packet) (1 packet) 16 (1 packet) 3 (1 packet) 6 (1 packet) 7 (1 packet) 8 (1 packet) 3 (1 packet) 9 (1 packet) 17 (1 packet) 24 (1 packet) PAGE 11
12 Results Experiment Name Experiment-1 (.of cluster = 5) Experiment-2 (.of cluster = 9) Experiment-3 (.of cluster = 13) Experiment-4 (.of cluster = 17) Experiment-5 (.of cluster = 21) Experiment-6 (.of cluster = 25) Cluster no. with smallest no. of packet Packet Series. False alarm True alarm 0 (2 packets) (1 packet) (1 packet) (1 packet) 16 (1 packet) 3 (1 packet) 6 (1 packet) 7 (1 packet) 8 (1 packet) 3 (1 packet) 9 (1 packet) 17 (1 packet) 24 (1 packet) PAGE 12
13 Conclusion The research objective is to integrate Snort with K-means algorithm and detect new attack using these proposed IDS. Six sets of experiment were conducted using different number of cluster and the result for each set of experiment was compared to determine the optimum cluster number. During result analysis, two new attacks were discovered, and the optimum cluster number for this experiment is 17 clusters which have the highest attack detection and no false positive alarm. Based on the results, the objective of this research which is to detect new attack has been successfully obtained This finding will encourage generation of new theory, concepts and idea catalyze new discovery and innovative invention for knowledge enhances. PAGE 13 Kaspersky Lab PowerPoint Template April 24, 2011
14 Thank You
CSCE 465 Computer & Network Security
CSCE 465 Computer & Network Security Instructor: Dr. Guofei Gu http://courses.cse.tamu.edu/guofei/csce465/ Intrusion Detection System 1 Intrusion Definitions A set of actions aimed to compromise the security
More informationRole of Anomaly IDS in Network
Role of Anomaly IDS in Network SumathyMurugan 1, Dr.M.Sundara Rajan 2 1 Asst. Prof, Department of Computer Science, Thiruthangal Nadar College, Chennai -51. 2 Asst. Prof, Department of Computer Science,
More informationIDS Categories. Sensor Types Host-based (HIDS) sensors collect data from hosts for
Intrusion Detection Intrusion Detection Security Intrusion: a security event, or a combination of multiple security events, that constitutes a security incident in which an intruder gains, or attempts
More informationIntrusion Detection. Jeffrey J.P. Tsai. Imperial College Press. A Machine Learning Approach. Zhenwei Yu. University of Illinois, Chicago, USA
SERIES IN ELECTRICAL AND COMPUTER ENGINEERING Intrusion Detection A Machine Learning Approach Zhenwei Yu University of Illinois, Chicago, USA Jeffrey J.P. Tsai Asia University, University of Illinois,
More informationIntegration Misuse and Anomaly Detection Techniques on Distributed Sensors
Integration Misuse and Anomaly Detection Techniques on Distributed Sensors Shih-Yi Tu Chung-Huang Yang Kouichi Sakurai Graduate Institute of Information and Computer Education, National Kaohsiung Normal
More informationCHAPTER 1 INTRODUCTION
21 CHAPTER 1 INTRODUCTION 1.1 PREAMBLE Wireless ad-hoc network is an autonomous system of wireless nodes connected by wireless links. Wireless ad-hoc network provides a communication over the shared wireless
More informationHow To Prevent Network Attacks
Ali A. Ghorbani Wei Lu Mahbod Tavallaee Network Intrusion Detection and Prevention Concepts and Techniques )Spri inger Contents 1 Network Attacks 1 1.1 Attack Taxonomies 2 1.2 Probes 4 1.2.1 IPSweep and
More informationHybrid Intrusion Detection System Using K-Means Algorithm
International Journal of Computer Sciences and Engineering Open Access Review Paper Volume-4, Issue-3 E-ISSN: 2347-2693 Hybrid Intrusion Detection System Using K-Means Algorithm Darshan K. Dagly 1*, Rohan
More informationDevelopment of a Network Intrusion Detection System
Development of a Network Intrusion Detection System (I): Agent-based Design (FLC1) (ii): Detection Algorithm (FLC2) Supervisor: Dr. Korris Chung Please visit my personal homepage www.comp.polyu.edu.hk/~cskchung/fyp04-05/
More informationSURVEY OF INTRUSION DETECTION SYSTEM
SURVEY OF INTRUSION DETECTION SYSTEM PRAJAPATI VAIBHAVI S. SHARMA DIPIKA V. ASST. PROF. ASST. PROF. MANISH INSTITUTE OF COMPUTER STUDIES MANISH INSTITUTE OF COMPUTER STUDIES VISNAGAR VISNAGAR GUJARAT GUJARAT
More informationPerformance Evaluation of Intrusion Detection Systems
Performance Evaluation of Intrusion Detection Systems Waleed Farag & Sanwar Ali Department of Computer Science at Indiana University of Pennsylvania ABIT 2006 Outline Introduction: Intrusion Detection
More informationApplying Data Mining of Fuzzy Association Rules to Network Intrusion Detection
Applying Data Mining of Fuzzy Association Rules to Network Intrusion Detection Authors: Aly El-Semary, Janica Edmonds, Jesús González-Pino, and Mauricio Papa Center for Information Security Department
More informationA Survey on Intrusion Detection System with Data Mining Techniques
A Survey on Intrusion Detection System with Data Mining Techniques Ms. Ruth D 1, Mrs. Lovelin Ponn Felciah M 2 1 M.Phil Scholar, Department of Computer Science, Bishop Heber College (Autonomous), Trichirappalli,
More informationSystem Specification. Author: CMU Team
System Specification Author: CMU Team Date: 09/23/2005 Table of Contents: 1. Introduction...2 1.1. Enhancement of vulnerability scanning tools reports 2 1.2. Intelligent monitoring of traffic to detect
More informationIntrusion Detection Using Data Mining Along Fuzzy Logic and Genetic Algorithms
IJCSNS International Journal of Computer Science and Network Security, VOL.8 No., February 8 7 Intrusion Detection Using Data Mining Along Fuzzy Logic and Genetic Algorithms Y.Dhanalakshmi and Dr.I. Ramesh
More informationDetection. Perspective. Network Anomaly. Bhattacharyya. Jugal. A Machine Learning »C) Dhruba Kumar. Kumar KaKta. CRC Press J Taylor & Francis Croup
Network Anomaly Detection A Machine Learning Perspective Dhruba Kumar Bhattacharyya Jugal Kumar KaKta»C) CRC Press J Taylor & Francis Croup Boca Raton London New York CRC Press is an imprint of the Taylor
More informationNetwork Intrusion Detection Systems
Network Intrusion Detection Systems False Positive Reduction Through Anomaly Detection Joint research by Emmanuele Zambon & Damiano Bolzoni 7/1/06 NIDS - False Positive reduction through Anomaly Detection
More informationAdvancement in Virtualization Based Intrusion Detection System in Cloud Environment
Advancement in Virtualization Based Intrusion Detection System in Cloud Environment Jaimin K. Khatri IT Systems and Network Security GTU PG School, Ahmedabad, Gujarat, India Mr. Girish Khilari Senior Consultant,
More informationIntrusion Detection for Mobile Ad Hoc Networks
Intrusion Detection for Mobile Ad Hoc Networks Tom Chen SMU, Dept of Electrical Engineering tchen@engr.smu.edu http://www.engr.smu.edu/~tchen TC/Rockwell/5-20-04 SMU Engineering p. 1 Outline Security problems
More informationTwo State Intrusion Detection System Against DDos Attack in Wireless Network
Two State Intrusion Detection System Against DDos Attack in Wireless Network 1 Pintu Vasani, 2 Parikh Dhaval 1 M.E Student, 2 Head of Department (LDCE-CSE) L.D. College of Engineering, Ahmedabad, India.
More informationComputers and Electrical Engineering
Computers and Electrical Engineering 35 (2009) 517 526 Contents lists available at ScienceDirect Computers and Electrical Engineering journal homepage: www.elsevier.com/locate/compeleceng A hybrid intrusion
More informationIntrusion Detection System in Campus Network: SNORT the most powerful Open Source Network Security Tool
Intrusion Detection System in Campus Network: SNORT the most powerful Open Source Network Security Tool Mukta Garg Assistant Professor, Advanced Educational Institutions, Palwal Abstract Today s society
More informationTesting Of Network Intrusion Detection System
Testing Of Network Intrusion Detection System B.S.Chaitanya Vamsee Pavan KL University,Vijayawada Andhara Pradesh,India bscvpavan369@gmail.com M.Nalini Sri KL University,Vijayawada Andhara Pradesh,India
More informationKEITH LEHNERT AND ERIC FRIEDRICH
MACHINE LEARNING CLASSIFICATION OF MALICIOUS NETWORK TRAFFIC KEITH LEHNERT AND ERIC FRIEDRICH 1. Introduction 1.1. Intrusion Detection Systems. In our society, information systems are everywhere. They
More informationSurvey of Data Mining Approach using IDS
Survey of Data Mining Approach using IDS 1 Raman kamboj, 2 Kamal Kumar Research Scholar, Assistant Professor SDDIET, Department of Computer Science & Engineering, Kurukshetra Universty Abstract - In our
More informationA survey on Data Mining based Intrusion Detection Systems
International Journal of Computer Networks and Communications Security VOL. 2, NO. 12, DECEMBER 2014, 485 490 Available online at: www.ijcncs.org ISSN 2308-9830 A survey on Data Mining based Intrusion
More informationIntroduction... Error! Bookmark not defined. Intrusion detection & prevention principles... Error! Bookmark not defined.
Contents Introduction... Error! Bookmark not defined. Intrusion detection & prevention principles... Error! Bookmark not defined. Technical OverView... Error! Bookmark not defined. Network Intrusion Detection
More informationHYBRID INTRUSION DETECTION FOR CLUSTER BASED WIRELESS SENSOR NETWORK
HYBRID INTRUSION DETECTION FOR CLUSTER BASED WIRELESS SENSOR NETWORK 1 K.RANJITH SINGH 1 Dept. of Computer Science, Periyar University, TamilNadu, India 2 T.HEMA 2 Dept. of Computer Science, Periyar University,
More informationTitle: Alert Correlation in Collaborative Intelligent Intrusion Detection Systems-ASurvey
Title: Alert Correlation in Collaborative Intelligent Intrusion Detection Systems-ASurvey Authors: Izzeldin Mohamed Osman, Huwaida Tagelsir Elshoush PII: S1568-4946(10)00311-X DOI: doi:10.1016/j.asoc.2010.12.004
More informationFIREWALLS. Firewall: isolates organization s internal net from larger Internet, allowing some packets to pass, blocking others
FIREWALLS FIREWALLS Firewall: isolates organization s internal net from larger Internet, allowing some packets to pass, blocking others FIREWALLS: WHY Prevent denial of service attacks: SYN flooding: attacker
More informationDetecting Anomaly IDS in Network using Bayesian Network
IOSR Journal of Computer Engineering (IOSR-JCE) e-issn: 2278-0661, p- ISSN: 2278-8727Volume 16, Issue 1, Ver. III (Jan. 2014), PP 01-07 Detecting Anomaly IDS in Network using Bayesian Network [1] Mrs.SumathyMuruganAsst.
More informationIntrusion Detection Systems. Overview. Evolution of IDSs. Oussama El-Rawas. History and Concepts of IDSs
Intrusion Detection Systems Oussama El-Rawas History and Concepts of IDSs Overview A brief description about the history of Intrusion Detection Systems An introduction to Intrusion Detection Systems including:
More informationIntrusion Detection System Based Network Using SNORT Signatures And WINPCAP
Intrusion Detection System Based Network Using SNORT Signatures And WINPCAP Aakanksha Vijay M.tech, Department of Computer Science Suresh Gyan Vihar University Jaipur, India Mrs Savita Shiwani Head Of
More informationTaxonomy of Intrusion Detection System
Taxonomy of Intrusion Detection System Monika Sharma, Sumit Sharma Abstract During the past years, security of computer networks has become main stream in most of everyone's lives. Nowadays as the use
More informationComparative Study of Data Mining and Machine Learning Approach for Anomaly Detection
60 Comparative Study of Data Mining and Machine Learning Approach for Anomaly 1 Sunil M. Sangve, 2 Ravindra C. Thool 1 Computer Department, Savitribai Phule Pune University, ZCOER Pune, Maharashtra, India
More informationIntrusion Detection Systems, Advantages and Disadvantages
Politecnico di Milano Dip. Elettronica e Informazione Milano, Italy Unsupervised Learning and Data Mining for Intrusion Detection Stefano Zanero Ph.D. Student, Politecnico di Milano CTO & Founder, Secure
More informationDetecting 0-day attacks with Learning Intrusion Detection System
Politecnico di Milano Dip. Elettronica e Informazione Milano, Italy Detecting 0-day attacks with Learning Intrusion Detection System Stefano Zanero Ph.D. Student, Politecnico di Milano CTO & Founder, Secure
More informationAn Overview of Intrusion Detection System (IDS) along with its Commonly Used Techniques and Classifications
International Journal of Computer Science and Telecommunications [Volume 5, Issue 2, February 2014] 20 An Overview of Intrusion Detection System (IDS) along with its Commonly Used Techniques and Classifications
More informationHoney Bee Intelligent Model for Network Zero Day Attack Detection
Honey Bee Intelligent Model for Network Zero Day Attack Detection 1 AMAN JANTAN, 2 ABDULGHANI ALI AHMED School of Computer Sciences, Universiti Sains Malaysia (USM), Penang, Malaysia 1 aman@cs.usm.my,
More informationCONDOR: A Hybrid IDS to Offer Improved Intrusion Detection
CONDOR: A Hybrid IDS to Offer Improved Intrusion Detection DAY, David and FLORES, Denys Available from Sheffield Hallam University Research Archive (SHURA) at: http://shura.shu.ac.uk/5246/ This document
More informationInternational Journal of Innovative Research in Advanced Engineering (IJIRAE) ISSN: 2349-2163 Volume 1 Issue 11 (November 2014)
Denial-of-Service Attack Detection Mangesh D. Salunke * Prof. Ruhi Kabra G.H.Raisoni CEM, SPPU, Ahmednagar HOD, G.H.Raisoni CEM, SPPU,Ahmednagar Abstract: A DoS (Denial of Service) attack as name indicates
More informationInternational Journal of Computer Science Trends and Technology (IJCST) Volume 3 Issue 3, May-June 2015
RESEARCH ARTICLE OPEN ACCESS Data Mining Technology for Efficient Network Security Management Ankit Naik [1], S.W. Ahmad [2] Student [1], Assistant Professor [2] Department of Computer Science and Engineering
More informationSome Research Challenges for Big Data Analytics of Intelligent Security
Some Research Challenges for Big Data Analytics of Intelligent Security Yuh-Jong Hu hu at cs.nccu.edu.tw Emerging Network Technology (ENT) Lab. Department of Computer Science National Chengchi University,
More informationA Review of Anomaly Detection Techniques in Network Intrusion Detection System
A Review of Anomaly Detection Techniques in Network Intrusion Detection System Dr.D.V.S.S.Subrahmanyam Professor, Dept. of CSE, Sreyas Institute of Engineering & Technology, Hyderabad, India ABSTRACT:In
More informationCSCI 4250/6250 Fall 2015 Computer and Networks Security
CSCI 4250/6250 Fall 2015 Computer and Networks Security Network Security Goodrich, Chapter 5-6 Tunnels } The contents of TCP packets are not normally encrypted, so if someone is eavesdropping on a TCP
More informationIntrusion Detection Systems
Intrusion Detection Systems Principles, Architecture and Measurements S3 HUT,6.5.2003, Ville Jussila (vsjussil@netlab.hut.fi) Supervisor: prof. Jorma Jormakka, HUT - Networking Laboratory Contents Motivation
More informationFUZZY DATA MINING AND GENETIC ALGORITHMS APPLIED TO INTRUSION DETECTION
FUZZY DATA MINING AND GENETIC ALGORITHMS APPLIED TO INTRUSION DETECTION Susan M. Bridges Bridges@cs.msstate.edu Rayford B. Vaughn vaughn@cs.msstate.edu 23 rd National Information Systems Security Conference
More informationA Review on Network Intrusion Detection System Using Open Source Snort
, pp.61-70 http://dx.doi.org/10.14257/ijdta.2016.9.4.05 A Review on Network Intrusion Detection System Using Open Source Snort Sakshi Sharma and Manish Dixit Department of CSE& IT MITS Gwalior, India Sharmasakshi1009@gmail.com,
More informationA Proposed Architecture of Intrusion Detection Systems for Internet Banking
A Proposed Architecture of Intrusion Detection Systems for Internet Banking A B S T R A C T Pritika Mehra Post Graduate Department of Computer Science, Khalsa College for Women Amritsar, India Mehra_priti@yahoo.com
More informationWeb Application Security
Web Application Security Richard A. Kemmerer Reliable Software Group Computer Science Department University of California Santa Barbara, CA 93106, USA http://www.cs.ucsb.edu/~rsg www.cs.ucsb.edu/~rsg/
More informationCity Research Online. Permanent City Research Online URL: http://openaccess.city.ac.uk/1737/
Modi, C., Patel, D., Patel, H., Borisaniya, B., Patel, A. & Rajarajan, M. (2013). A survey of intrusion detection techniques in Cloud. Journal of Network and Computer Applications, 36(1), pp. 42-57. doi:
More informationA SURVEY ON GENETIC ALGORITHM FOR INTRUSION DETECTION SYSTEM
A SURVEY ON GENETIC ALGORITHM FOR INTRUSION DETECTION SYSTEM MS. DIMPI K PATEL Department of Computer Science and Engineering, Hasmukh Goswami college of Engineering, Ahmedabad, Gujarat ABSTRACT The Internet
More informationNovel DoS/DDoS Attack Detection and Signature Generation
vel DoS/DDoS Attack Detection and Signature Generation Vijay Katkar Department of Computer Engineering, Bharti Vidyapith Deemed University, Pune S. G. Bhirud, PhD. Department of Computer Engineering V.J.T.I.,
More informationGeneral Terms. Keywords 1. INTRODUCTION 2. RELATED WORKS
Design of a Hybrid Intrusion Detection System using Snort and Hadoop Prathibha.P.G P G Scholar Government Engineering College Thrissur, Kerala, India Dileesh.E.D Assistant Professor Government Engineering
More informationHybrid Intrusion Detection System Model using Clustering, Classification and Decision Table
IOSR Journal of Computer Engineering (IOSR-JCE) e-issn: 2278-0661, p- ISSN: 2278-8727Volume 9, Issue 4 (Mar. - Apr. 2013), PP 103-107 Hybrid Intrusion Detection System Model using Clustering, Classification
More informationThe Base Rate Fallacy and its Implications for the Difficulty of Intrusion Detection
The Base Rate Fallacy and its Implications for the Difficulty of Intrusion Detection Stefan Axelsson Presented by Kiran Kashalkar Agenda 1. 1. General Overview of of IDS 2. 2. Bayes Theorem and Base-Rate
More informationConclusions and Future Directions
Chapter 9 This chapter summarizes the thesis with discussion of (a) the findings and the contributions to the state-of-the-art in the disciplines covered by this work, and (b) future work, those directions
More informationIntrusion Detection: Game Theory, Stochastic Processes and Data Mining
Intrusion Detection: Game Theory, Stochastic Processes and Data Mining Joseph Spring 7COM1028 Secure Systems Programming 1 Discussion Points Introduction Firewalls Intrusion Detection Schemes Models Stochastic
More informationHybrid Model For Intrusion Detection System Chapke Prajkta P., Raut A. B.
www.ijecs.in International Journal Of Engineering And Computer Science ISSN:2319-7242 Volume1 Issue 3 Dec 2012 Page No. 151-155 Hybrid Model For Intrusion Detection System Chapke Prajkta P., Raut A. B.
More informationAdaptive Anomaly Detection for Network Security
International Journal of Computer and Internet Security. ISSN 0974-2247 Volume 5, Number 1 (2013), pp. 1-9 International Research Publication House http://www.irphouse.com Adaptive Anomaly Detection for
More informationIntrusion Detection Systems vs. Intrusion Prevention Systems. Sohkyoung (Michelle) Cho ACC 626
Intrusion Detection Systems vs. Intrusion Prevention Systems Sohkyoung (Michelle) Cho ACC 626 1.0 INTRODUCTION An increasing number of organizations use information systems to conduct their core business
More informationIntruders and viruses. 8: Network Security 8-1
Intruders and viruses 8: Network Security 8-1 Intrusion Detection Systems Firewalls allow traffic only to legitimate hosts and services Traffic to the legitimate hosts/services can have attacks CodeReds
More informationDenial of Service attacks: analysis and countermeasures. Marek Ostaszewski
Denial of Service attacks: analysis and countermeasures Marek Ostaszewski DoS - Introduction Denial-of-service attack (DoS attack) is an attempt to make a computer resource unavailable to its intended
More informationA new Approach for Intrusion Detection in Computer Networks Using Data Mining Technique
A new Approach for Intrusion Detection in Computer Networks Using Data Mining Technique Aida Parbaleh 1, Dr. Heirsh Soltanpanah 2* 1 Department of Computer Engineering, Islamic Azad University, Sanandaj
More informationAnomaly-based Intrusion Detection in Software as a Service
Anomaly-based Intrusion Detection in Software as a Service Gustavo Nascimento, Miguel Correia Portugal Telecom Portugal Instituto Superior Técnico / INESC-ID Portugal gustavo-nascimento@telecom.pt, miguel.p.correia@ist.utl.pt
More informationStefano Zanero,, Ph.D.
Politecnico di Milano Dip. Elettronica e Informazione Milano, Italy 360 Unsupervised Anomaly-based Intrusion Detection Stefano Zanero,, Ph.D. Post-doc Researcher, Politecnico di Milano CTO & Founder, Secure
More informationARTIFICIAL INTELLIGENCE (CSCU9YE) LECTURE 6: MACHINE LEARNING 2: UNSUPERVISED LEARNING (CLUSTERING)
ARTIFICIAL INTELLIGENCE (CSCU9YE) LECTURE 6: MACHINE LEARNING 2: UNSUPERVISED LEARNING (CLUSTERING) Gabriela Ochoa http://www.cs.stir.ac.uk/~goc/ OUTLINE Preliminaries Classification and Clustering Applications
More informationStochastic Protocol Modeling for Anomaly-Based Network Intrusion Detection
2003 IEEE International Workshop on Information Assurance March 24th, 2003 Darmstadt, Germany Stochastic Protocol Modeling for Anomaly-Based Network Intrusion Detection Juan M. Estévez-Tapiador (tapiador@ugr.es)
More informationData Mining For Intrusion Detection Systems. Monique Wooten. Professor Robila
Data Mining For Intrusion Detection Systems Monique Wooten Professor Robila December 15, 2008 Wooten 2 ABSTRACT The paper discusses the use of data mining techniques applied to intrusion detection systems.
More informationAn Intelligent Firewall to Detect Novel Attacks
An Intelligent Firewall to Detect Novel Attacks An Integrated Approach based on Anomaly Detection Against Virus Attacks InSeon Yoo and Ulrich Ultes-Nitsche Department of Electronics and Computer Science,
More informationAttack Evaluation and Mitigation Framework
Attack Evaluation and Mitigation Framework Laura Gheorghe, Răzvan Rughiniş, Nicolae Ţăpuş Politehnica University of Bucharest, Romania laura.gheorghe@cs.pub.ro, razvan.rughinis@cs.pub.ro, ntapus@cs.pub.ro
More informationUsing Artificial Intelligence in Intrusion Detection Systems
Using Artificial Intelligence in Intrusion Detection Systems Matti Manninen Helsinki University of Technology mimannin@niksula.hut.fi Abstract Artificial Intelligence could make the use of Intrusion Detection
More informationA Model-based Approach to Self-Protection in SCADA Systems
A Model-based Approach to Self-Protection in SCADA Systems Qian Chen Electrical and Computer Engineering Mississippi State University qc34@msstate.edu Sherif Abdelwahed Electrical and Computer Engineering
More informationMeasuring Intrusion Detection Capability: An Information-Theoretic Approach
Measuring Intrusion Detection Capability: An Information-Theoretic Approach Guofei Gu, Prahlad Fogla, David Dagon, Boris Škorić Wenke Lee Philips Research Laboratories, Netherlands Georgia Institute of
More informationAn Efficient Way of Denial of Service Attack Detection Based on Triangle Map Generation
An Efficient Way of Denial of Service Attack Detection Based on Triangle Map Generation Shanofer. S Master of Engineering, Department of Computer Science and Engineering, Veerammal Engineering College,
More informationData Mining for Network Intrusion Detection
Data Mining for Network Intrusion Detection S Terry Brugger UC Davis Department of Computer Science Data Mining for Network Intrusion Detection p.1/55 Overview This is important for defense in depth Much
More informationIntrusion Detection in AlienVault
Complete. Simple. Affordable Copyright 2014 AlienVault. All rights reserved. AlienVault, AlienVault Unified Security Management, AlienVault USM, AlienVault Open Threat Exchange, AlienVault OTX, Open Threat
More informationNetwork Based Intrusion Detection Using Honey pot Deception
Network Based Intrusion Detection Using Honey pot Deception Dr.K.V.Kulhalli, S.R.Khot Department of Electronics and Communication Engineering D.Y.Patil College of Engg.& technology, Kolhapur,Maharashtra,India.
More informationHost-Based Intrusion Detection Using User Signatures
Host-Based Intrusion Detection Using User Signatures Seth Freeman Rensselaer olytechnic Institute 110 8th Street freems@cs.rpi.edu Alan Bivens Rensselaer olytechnic Institute 110 8 th street bivenj@cs.rpi.edu
More informationIDPS: An Integrated Intrusion Handling Model for Cloud Computing Environment
IDPS: An Integrated Intrusion Handling Model for Cloud Computing Environment Hassen Mohammed Alsafi, Wafaa Mustafa Abduallah and Al-Sakib Khan Pathan Department of Computer Science Faculty of Information
More informationSystem for Denial-of-Service Attack Detection Based On Triangle Area Generation
System for Denial-of-Service Attack Detection Based On Triangle Area Generation 1, Heena Salim Shaikh, 2 N Pratik Pramod Shinde, 3 Prathamesh Ravindra Patil, 4 Parag Ramesh Kadam 1, 2, 3, 4 Student 1,
More informationIntrusion Detection System (IDS)
Intrusion Detection System (IDS) Characteristics Systems User, Process predictable actions describing process under that actions what pattern subvert actions attack of correspond the systems processes
More informationDNIDS: A Dependable Network Intrusion Detection System Using the CSI-KNN Algorithm
DNIDS: A Dependable Network Intrusion Detection System Using the CSI-KNN Algorithm by Liwei (Vivian) Kuang A thesis submitted to the School of Computing in conformity with the requirements for the degree
More informationHow To Detect Denial Of Service Attack On A Network With A Network Traffic Characterization Scheme
Efficient Detection for DOS Attacks by Multivariate Correlation Analysis and Trace Back Method for Prevention Thivya. T 1, Karthika.M 2 Student, Department of computer science and engineering, Dhanalakshmi
More informationData Mining + Business Intelligence. Integration, Design and Implementation
Data Mining + Business Intelligence Integration, Design and Implementation ABOUT ME Vijay Kotu Data, Business, Technology, Statistics BUSINESS INTELLIGENCE - Result Making data accessible Wider distribution
More informationAn Anomaly-Based Method for DDoS Attacks Detection using RBF Neural Networks
2011 International Conference on Network and Electronics Engineering IPCSIT vol.11 (2011) (2011) IACSIT Press, Singapore An Anomaly-Based Method for DDoS Attacks Detection using RBF Neural Networks Reyhaneh
More information3. OUR PROPOSED APPROACH
Converting Network Attacks to Standard Semantic Web Form in Cloud Computing Infrastructure Afshin Rezakhani Roozbahani Ayatollah Boroujerdi University Boroujerd, Iran Leila Rikhtechi Islamic Azad University
More informationFalse Positives Reduction Techniques in Intrusion Detection Systems-A Review
128 False Positives Reduction Techniques in Intrusion Detection Systems-A Review Asieh Mokarian, Ahmad Faraahi, Arash Ghorbannia Delavar, Payame Noor University, Tehran, IRAN Summary During the last decade
More informationKingston University London
Kingston University London Analysis and Testing of Intrusion Detection/Prevention Systems (IDS/IPS) XYLANGOURAS ELEFTHERIOS Master of Science in Networking and Data Communications THESIS Kingston University
More informationA HYBRID RULE BASED FUZZY-NEURAL EXPERT SYSTEM FOR PASSIVE NETWORK MONITORING
A HYBRID RULE BASED FUZZY-NEURAL EXPERT SYSTEM FOR PASSIVE NETWORK MONITORING AZRUDDIN AHMAD, GOBITHASAN RUDRUSAMY, RAHMAT BUDIARTO, AZMAN SAMSUDIN, SURESRAWAN RAMADASS. Network Research Group School of
More informationSTUDY OF IMPLEMENTATION OF INTRUSION DETECTION SYSTEM (IDS) VIA DIFFERENT APPROACHS
STUDY OF IMPLEMENTATION OF INTRUSION DETECTION SYSTEM (IDS) VIA DIFFERENT APPROACHS SACHIN MALVIYA Student, Department of Information Technology, Medicaps Institute of Science & Technology, INDORE (M.P.)
More informationUSING GENETIC ALGORITHM IN NETWORK SECURITY
USING GENETIC ALGORITHM IN NETWORK SECURITY Ehab Talal Abdel-Ra'of Bader 1 & Hebah H. O. Nasereddin 2 1 Amman Arab University. 2 Middle East University, P.O. Box: 144378, Code 11814, Amman-Jordan Email:
More informationCHAPTER VII CONCLUSIONS
CHAPTER VII CONCLUSIONS To do successful research, you don t need to know everything, you just need to know of one thing that isn t known. -Arthur Schawlow In this chapter, we provide the summery of the
More informationModule II. Internet Security. Chapter 7. Intrusion Detection. Web Security: Theory & Applications. School of Software, Sun Yat-sen University
Module II. Internet Security Chapter 7 Intrusion Detection Web Security: Theory & Applications School of Software, Sun Yat-sen University Outline 7.1 Threats to Computer System 7.2 Process of Intrusions
More informationOnline Network Traffic Security Inspection Using MMT Tool
Online Network Traffic Security Inspection Using MMT Tool Wissam Mallouli, Bachar Wehbi, Edgardo Montes de Oca Michel Bourdellès, Denis Rocher and Arnaud Baloche Montimage EURL, 39 rue Bobillot, 75013
More informationOverview - Snort Intrusion Detection System in Cloud Environment
International Journal of Information and Computation Technology. ISSN 0974-2239 Volume 4, Number 3 (2014), pp. 329-334 International Research Publications House http://www. irphouse.com /ijict.htm Overview
More informationIntrusion Detection Systems
Intrusion Detection Systems Sokratis K. Katsikas Dept. of Digital Systems University of Piraeus ska@unipi.gr Agenda Overview of IDS Intrusion prevention using game theory Reducing false positives Clustering
More informationCS 356 Lecture 17 and 18 Intrusion Detection. Spring 2013
CS 356 Lecture 17 and 18 Intrusion Detection Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control Lists
More informationFuzzy Network Profiling for Intrusion Detection
Fuzzy Network Profiling for Intrusion Detection John E. Dickerson (jedicker@iastate.edu) and Julie A. Dickerson (julied@iastate.edu) Electrical and Computer Engineering Department Iowa State University
More information