Abstract
The security of information systems and the networks that connect them has become a primary focus, given that pervasive cyber-attacks against information systems are geometrically increasing. Intrusion Detection and Prevention Systems (IDPS) effectively secure the data, the storage devices and the systems holding them. We build a system consisting of five steps: (a) describing the orders required to archive the event by five fuzzy concepts as input and three fuzzy concepts as output, then saving them in a temporal bank of orders; (b) pre-processing those orders by converting the descriptions to numerical values and computing the membership function for those values; (c) applying association data mining techniques to this database after computing the correlation among its features, which leads to the generation of thirty-two rules, although not all of these rules satisfy the confidence measure (i.e., we take only the rules that satisfy a purity of 100%); (d) building the confusion matrix for all the samples used in the training process; (e) testing the Pragmatic Miner to Risk Analysis (PMRA) model and verifying the accuracy of its results by presenting the model with new samples not used in the training stage, then computing the values of the error and accuracy measures, in addition of correct. Existing systems that employ firewalls and encryption for data protection are becoming outdated. IDPS provides a much improved detection system that can prevent intrusions from attacking the system. However, as effective as it is in preventing intrusions, it can disrupt the retrieval of desired information, as the system sometimes perceives it as an attack. The basic aim of this work is to determine a way to perform risk analysis of IDPS to an acceptable level while detecting intrusions and maintaining effective security of a system. Experimental results clearly show the superiority of the proposed model over the conventional IDPS system.
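Steps (b) to (e) of the abstract, as an added Python example that is not code from the paper: values are fuzzified, only rules with 100% confidence are kept, and held-out samples are scored in a confusion matrix. The two features (severity, asset value), the triangular fuzzy sets and all sample data are constructed assumptions; the paper itself uses five input and three output concepts.

```python
from collections import Counter, defaultdict

# Assumed triangular fuzzy sets on a 0-10 scale: (left, peak, right).
FUZZY_SETS = {"low": (-1, 0, 5), "medium": (0, 5, 10), "high": (5, 10, 11)}
# Constructed samples: ((severity, asset_value), risk label); not data from the paper.
TRAIN = [((9, 8), "high"), ((10, 9), "high"), ((1, 2), "low"), ((2, 1), "low"),
         ((5, 9), "high"), ((6, 8), "medium"), ((1, 9), "medium")]
TEST = [((8, 10), "high"), ((0, 1), "low"), ((6, 9), "high"), ((2, 8), "high")]

def membership(x, tri):
    """Degree (0..1) to which x belongs to the triangular set tri."""
    a, b, c = tri
    if x <= a or x >= c:
        return 0.0
    return (x - a) / (b - a) if x <= b else (c - x) / (c - b)

def fuzzify(x):
    """Step (b): map a numeric value to the label with the highest membership."""
    return max(FUZZY_SETS, key=lambda name: membership(x, FUZZY_SETS[name]))

def mine_pure_rules(samples):
    """Step (c): keep antecedent -> risk rules whose confidence is exactly 100%."""
    outcomes = defaultdict(Counter)
    for features, risk in samples:
        outcomes[tuple(fuzzify(v) for v in features)][risk] += 1
    # A rule is pure when its antecedent was only ever seen with one risk label.
    return {ante: next(iter(c)) for ante, c in outcomes.items() if len(c) == 1}

def evaluate(rules, samples):
    """Steps (d)/(e): confusion matrix keyed (actual, predicted), plus accuracy.
    Samples matching no retained rule are counted as 'no_rule'."""
    matrix = Counter()
    for features, risk in samples:
        ante = tuple(fuzzify(v) for v in features)
        matrix[(risk, rules.get(ante, "no_rule"))] += 1
    correct = sum(n for (actual, pred), n in matrix.items() if actual == pred)
    return matrix, correct / len(samples)

if __name__ == "__main__":
    rules = mine_pure_rules(TRAIN)
    matrix, accuracy = evaluate(rules, TEST)
    for ante, risk in sorted(rules.items()):
        print(ante, "->", risk)
    print(dict(matrix), "accuracy:", accuracy)
```

The (medium, high) antecedent is dropped because its training samples disagree, so an unseen sample with that pattern gets no verdict at all; the 100% purity filter trades coverage for precision, which is worth tracking alongside accuracy.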
© 2017 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Al-Janabi, S. (2017). Pragmatic Miner to Risk Analysis for Intrusion Detection (PMRA-ID). In: Mohamed, A., Berry, M., Yap, B. (eds) Soft Computing in Data Science. SCDS 2017. Communications in Computer and Information Science, vol 788. Springer, Singapore. https://doi.org/10.1007/978-981-10-7242-0_23
DOI: https://doi.org/10.1007/978-981-10-7242-0_23
Publisher Name: Springer, Singapore
Print ISBN: 978-981-10-7241-3
Online ISBN: 978-981-10-7242-0
eBook Packages: Computer Science (R0)