an internal intrusion detection and protection[new][ieee]

An Internal Intrusion Detection and Protection System by Using Data Mining and Forensic Techniques
ABSTRACT
Over the past several years, the Internet environment has become more
complex and untrusted. Enterprise networked systems are inevitably exposed to
the increasing threats posed by hackers as well as by malicious users internal to a
network. IDS technology is one of the important tools used nowadays to
counter such threats. Various IIDS techniques have been proposed, which
identify and raise alarms for such threats or attacks. IIDS are an essential component
of the network to be secured. Traditional IIDS are unable to manage various
newly arising attacks. To deal with these new network problems, data-mining-based
IIDS are opening new research avenues. Data mining provides a wide range
of techniques to classify these attacks. The paper provides a study of the various
data-mining-based intrusion detection techniques.
In this paper, we propose a security system, named the Internal Intrusion
Detection and Protection System (IIDPS for short), that works at the system call level. It
creates personal profiles for users to keep track of their usage habits as
forensic features, and determines whether a legally logged-in user is the owner of the
account or not by comparing his/her current computer usage behaviors with the
computer usage habits collected in the account holder's personal profile.
The IIDPS uses a local computational grid to detect malicious behaviors in a
real-time manner. Our experimental results show that the IIDPS's user identification
accuracy is 93%, the accuracy of detecting internal malicious attempts is up
to 99%, and the response time is less than 0.45 sec., implying that it can protect a
system from internal attacks effectively and efficiently.
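The profile comparison described above can be illustrated with a short added example; it is not the IIDPS's own code or algorithm. It assumes a profile is a count of system-call 3-grams and that cosine similarity with a fixed threshold decides whether a session fits the account holder; all names and the sample sessions are constructed.

```python
from collections import Counter
from math import sqrt

def ngrams(calls, n=3):
    """Sliding windows of n consecutive system calls."""
    return [tuple(calls[i:i + n]) for i in range(len(calls) - n + 1)]

def build_profile(sessions, n=3):
    """Count how often each n-gram occurs across a user's past sessions."""
    profile = Counter()
    for calls in sessions:
        profile.update(ngrams(calls, n))
    return profile

def similarity(profile, calls, n=3):
    """Cosine similarity between a stored profile and the current session."""
    current = Counter(ngrams(calls, n))
    if not profile or not current:   # empty profile or session shorter than n
        return 0.0
    dot = sum(profile[g] * c for g, c in current.items())
    norm = sqrt(sum(v * v for v in profile.values())) * \
           sqrt(sum(c * c for c in current.values()))
    return dot / norm

def check_session(account, calls, profiles, threshold=0.5):
    """Alert when the session does not fit the account holder's habits."""
    scores = {user: similarity(p, calls) for user, p in profiles.items()}
    own = scores.get(account, 0.0)
    best = max(scores, key=scores.get)
    return {"score": round(own, 3), "best_match": best,
            "alert": own < threshold or best != account}

# Constructed sample data: past sessions per account (not real traces).
EDIT = ["open", "read", "write", "close"]
NET = ["socket", "connect", "send", "recv", "close"]
PROFILES = {
    "alice": build_profile([EDIT * 3, ["open", "read", "read", "write", "close"] * 2]),
    "bob": build_profile([NET * 3, ["open", "read", "socket", "connect", "send", "close"] * 2]),
}

if __name__ == "__main__":
    print(check_session("alice", EDIT * 2, PROFILES))  # matches alice's habits
    print(check_session("alice", NET * 2, PROFILES))   # alice's account, bob-like behaviour
```

The threshold of 0.5 is an assumed value; in practice it would be tuned against each user's own session-to-session variation to balance false alerts against missed takeovers.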
SYSTEM REQUIREMENTS
Hardware Requirements
- Processor: Any Processor above 500 MHz
- RAM: 512 MB.
- Hard Disk: 320 GB.
- Input Device: Standard Keyboard & Mouse.
- Output Device: VGA & High Resolution Monitor.
Software Requirements
- Domain: Cloud Computing
- Operating System: Windows XP.
- Front End: C# .NET
- Back End: SQLServer 2008R2