1. ABSTRACT Information access through Internet provides intruders various ways of attacking a computer system. Establishment of a safe and strong network.

Presentation transcript:


ABSTRACT
Information access through the Internet provides intruders with various ways of attacking a computer system. Establishing a safe and strong network system for secure information transmission has already become a focus of research. A firewall can prevent many kinds of attacks, such as those using protocol weaknesses, source routing, or counterfeited addresses, and can provide a safe data channel. But it can do nothing about a back door in the application layer, attacks or theft by internal users exceeding their authority, or damage to information. Thus, in order to ensure network security, data mining techniques are adopted for detecting abnormal or unauthorized behavior in the Intrusion Detection System.

AGENDA
- INTRUSION DETECTION SYSTEM
- IDS MODEL
- DATA MINING
- BASIC APPROACH OF DATA MINING
- DATA MINING TASKS
- DATA MINING AND IDS
- DATA MINING TECHNIQUES
- CONCLUSION
- REFERENCES

INTRUSION DETECTION SYSTEM
An intrusion can be defined as “any set of actions that attempt to compromise the integrity, confidentiality, or availability of a resource”.
An intrusion detection system (IDS) is a device or software application that monitors network and/or system activities for malicious activities or policy violations and produces reports to a Management Station.
Functions of an intrusion detection system are to:
- Monitor and analyze the user and system activities.
- Analyze system configurations and vulnerabilities.
- Assess system and file.
Categories of IDS:
- Misuse Detection vs Anomaly Detection
- Network-based vs Host-based Systems

IDS MODEL

DATA MINING
Data mining is the process of sorting through large databases or data warehouses and extracting knowledge of interest to people. The extracted knowledge may be represented as a concept, rule, law or model. The purpose of data mining is to help the decision-maker find potential associations between data and find neglected elements that might be very useful for trends and decision-making behavior.
It has been described as “the nontrivial extraction of implicit, previously unknown, and potentially useful information from data” and “the science of extracting useful information from large data sets or databases”.
Data mining identifies trends within data that go beyond simple analysis. Through the use of sophisticated algorithms, non-statistician users have the opportunity to identify key attributes of any kind of real-life problem, such as intrusion detection activities, face recognition, image processing, business processes and any other target opportunities.

BASIC APPROACH OF DATA MINING
The transition from raw data to valuable knowledge.

DATA MINING TASKS
- Remove normal activity from alarm data to allow analysts to focus on real attacks
- Identify false alarm generators and “bad” sensor signatures
- Find anomalous activity that uncovers a real attack
- Identify long, ongoing patterns (different IP address, same activity)
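The tasks on this slide, sketched in Python as an added example that is not part of the original presentation. The alert records, their field layout, the thresholds and the function names are all constructed for illustration.

```python
from collections import defaultdict

# Constructed alerts: (day, source IP, signature, triage), where triage is an
# analyst verdict on the alert: "fp" (false positive), "tp", or None (untriaged).
ALERTS = [
    (1, "10.0.0.5", "ICMP ping sweep", "fp"),
    (1, "10.0.0.5", "ICMP ping sweep", "fp"),
    (2, "10.0.0.7", "ICMP ping sweep", "fp"),
    (2, "10.0.0.5", "ICMP ping sweep", None),
    (3, "10.0.0.5", "ICMP ping sweep", "fp"),
    (1, "198.51.100.4", "SSH login failure burst", None),
    (4, "203.0.113.9", "SSH login failure burst", "tp"),
    (9, "192.0.2.77", "SSH login failure burst", None),
    (5, "192.0.2.10", "SQL keyword in URI", "tp"),
]

def noisy_signatures(alerts, min_triaged=3, fp_ratio=0.9):
    """False alarm generators: signatures whose triaged alerts are nearly all 'fp'."""
    stats = defaultdict(lambda: [0, 0])  # signature -> [false positives, triaged]
    for _, _, sig, triage in alerts:
        if triage is not None:
            stats[sig][1] += 1
            stats[sig][0] += triage == "fp"
    return {s for s, (fp, n) in stats.items()
            if n >= min_triaged and fp / n >= fp_ratio}

def filter_alerts(alerts, noisy):
    """Remove alerts raised by noisy signatures so analysts see the remainder."""
    return [a for a in alerts if a[2] not in noisy]

def ongoing_patterns(alerts, min_sources=3, min_span_days=7):
    """Same activity from different IP addresses spread over a long period."""
    seen = defaultdict(lambda: (set(), []))  # signature -> (source IPs, days)
    for day, src, sig, _ in alerts:
        seen[sig][0].add(src)
        seen[sig][1].append(day)
    return {s: sorted(ips) for s, (ips, days) in seen.items()
            if len(ips) >= min_sources and max(days) - min(days) >= min_span_days}

if __name__ == "__main__":
    noisy = noisy_signatures(ALERTS)
    remaining = filter_alerts(ALERTS, noisy)
    print("noisy signatures:", noisy)
    print("alerts left for analysts:", len(remaining))
    print("long-running patterns:", ongoing_patterns(remaining))
```

A signature with too few triaged alerts is never marked noisy, so a rarely firing rule is not suppressed on thin evidence.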

DATA MINING AND IDS
- Off Line Processing
- Data Mining and Real Time IDSs
- Multi-sensor Correlation
- Evaluation Datasets

DATA MINING TECHNIQUES
- Correlation Analysis
- Feature Selection
- Machine Learning
- Sequential Patterns
- Classification
- Clustering
- Deviation Analysis
- Forecast

CONCLUSION
An intrusion detection system is a passive method in the security field: it monitors the information system and sends out a warning when it detects an intrusion. Data mining technology, however, can analyze the data as network messages are acquired and can forecast visits on its own initiative, which reduces the frequency of matching and thus achieves the function of active defense.
Data mining is the process of discovering meaningful correlations, patterns and trends among the data by applying statistical, mathematical and machine learning techniques.
Data mining techniques from the descriptive and predictive methodologies, for instance clustering, classification, feature summary and association rules, can be applied in the intrusion detection system.
It has been proved that data mining technology improves the properties of the intrusion detection system and its processing rate, and reduces the rate of misreporting.

REFERENCES
1) Yusufovna S.F., “Integrating Intrusion Detection System and Data Mining”, International Symposium on Ubiquitous Multimedia Computing, /08, IEEE, 2008, pp
2) Miao Chunyu, Chen Wei, “A Study of Intrusion Detection System Based on Data Mining”, /10, IEEE, 2010, pp
3) Heady et al., “The architecture of a network level intrusion detection system”, Technical report, Computer Science Department, University of New Mexico, August
4) Scarfone, Karen; Mell, Peter (February 2007). “Guide to Intrusion Detection and Prevention Systems (IDPS)”. Computer Security Resource Center (National Institute of Standards and Technology) (800-94).
5) Frawley et al., “Knowledge Discovery in Databases: An Overview”, AI Magazine, ISSN ,pp
6) Hand et al., “Principles of Data Mining”, MIT Press, Cambridge, MA. ISBN X,
7) Lee W, Salvatore Department, “Data Mining Approaches for Intrusion Detection [M]”, New York, NY: Computer Science Department, Columbia University,
8) Liu Wei, “Research of Data Mining in Intrusion Detection System and the uncertainty of the attack”, /09, IEEE,
