ABSTRACT
Host-based and network-based intrusion prevention systems are available in the market. Host-based intrusion prevention systems are designed to protect information systems from unauthorized access, damage or disruption. We combine these features with network-based intrusion prevention systems, which counteract the rapidly evolving threats presented by the latest generation of worms, software exploits and network exploits. The rising number of alarms can be reduced by applying data mining algorithms to the network traffic. Our proposed model combines knowledge discovery with intrusion detection so that the best action can be taken against an attack. This knowledge will also help to make systems efficient and secure. The model is useful against denial-of-service floods and brute force attacks, and for vulnerability detection, protocol anomaly detection and prevention of unknown exploits. Thus we propose a prevention technology for the security of networks and host users using data mining algorithms. Sequence pattern, classification and association rule mining algorithms are used to take the various decisions about security.
Index Terms
Intrusion prevention systems: data mining approach