Presentation is loading. Please wait.

Presentation is loading. Please wait.

1. ABSTRACT Information access through Internet provides intruders various ways of attacking a computer system. Establishment of a safe and strong network.

Published byAshley Rose Modified over 8 years ago

Similar presentations

Presentation on theme: "1. ABSTRACT Information access through Internet provides intruders various ways of attacking a computer system. Establishment of a safe and strong network."— Presentation transcript:

1 1

2 ABSTRACT Information access through Internet provides intruders various ways of attacking a computer system. Establishment of a safe and strong network system for the secure information transmission has already become focus of research. A firewall might prevent from many kinds of attacks such as using the protocol weakness, the source route, the address counterfeited, and so on, and provide safe data channel. But it could do nothing about the back door in application layer, the attack or stealing caused by authority exceeding of internal user and the information damaging. Thus in orders to ensure network security, data mining techniques are adopted for detecting abnormal or unauthorized behavior in the Intrusion Detection System. 2

3 AGENDA INTRUSION DETECTION SYSTEM IDS MODEL DATA MINING BASIC APPROACH OF DATA MINING. DATA MINING TASKS DATA MINING AND IDS DATA MINING TECHNIQUES CONCLUSION REFERENCES 3

4 INTRUSION DETECTION SYSTEM An intrusion can be defined as “any set of actions that attempt to compromise the integrity, confidentiality, or availability of a resource”. An intrusion detection system ( IDS ) is a device or software application that monitors network and/or system activities for malicious activities or policy violations and produces reports to a Management Station. Functions of an intrusion detection system are to: Monitor and analyze the user and system activities. Analyze system configurations and vulnerabilities. Assess system and file. Categories of IDS Misuse Detection vs Anomaly Detection Network-based vs Host-based Systems 4

5 IDS MODEL 5

6 D ATA MINING Data mining is the process of sorting through large database or data warehouse and extracting knowledge interested by the people. The extracted knowledge may be represented as concept, rule, law and model. The purpose of data mining is to help the decision- maker in order to find potential association between data, found neglected elements which might be very useful for trends and decision- making behavior. It has been described as “the nontrivial extraction of implicit, previously unknown, and potentially useful information from data” and “the science of extracting useful information from large data sets or databases”. Data mining identifies trends within data that go beyond simple analysis. Through the use of sophisticated algorithms, non-statistician users have the opportunity to identify key attributes of any kind of real life problems like Intrusion Detection Activities, Face recognition problem, Image processing, business processes and any other target opportunities 6

7 BASIC APPROACH OF D ATA M INING. 7 The transition from raw data to valuable knowledge.

8 D ATA MINING TASKS Remove normal activity from alarm data to allow analysts to focus on real attacks Identify false alarm generators and ”bad” sensor signatures Find anomalous activity that uncovers a real attack Identify long, ongoing patterns (different IP address, same activity) 8

9 DATA MINING AND IDS Off Line Processing Data Mining and Real Time IDSs Multi - sensor Correlation Evaluation Datasets 9

10 DATA MINING TECHNIQUES Correlation Analysis Feature Selection Machine Learning Sequential Patterns Classification Clustering Deviation Analysis Forecast 10

11 CONCLUSION Intrusion detection system is a passive method in the security field, it monitors information system and sends out warning when it does detect intrusion, but data mining technology can analyze these data when network message is acquired, it can forecast for visit on its own initiative, thus reduce the frequency of matching, and thus achieve the function of active defense. Data mining is the process of discovering meaningful correlations, patterns and trend among the data by applying statistical, mathematical and machine learning techniques. Data mining technology covered under descriptive and predictive methodology, for instance, Clustering, Classification, Feature Summary, association rules can be applied in the intrusion detection system. It has been proved that data mining technology improves the property of intrusion detection system, the processing rate and reduces the rate of misreporting. 11

12 REFERENCES 1) Yusufovna S.F., “Integrating Intrusion Detection System and Data Mining”, International Symposium on Ubiquitous Multimedia Computing, 978-0-7695-3427- 5/08, IEEE, 2008, pp.256-259. 2) Miao Chunyu, Chen Wei, “A Study of Intrusion Detection System Based on Data Mining”, 978-1-4244-6943-7/10, IEEE,2010, pp.186-189. 3) Heady et.al. “The architecture of a network level intrusion detection system”. Technical report, Computer Science Department, University of New Mexico, August 1990. 4) Scarfone, Karen; Mell, Peter (February 2007). "Guide to Intrusion Detection and Prevention Systems (IDPS)". Computer Security Resource Center (National Institute of Standards and Technology) (800-94). http://csrc.ncsl.nist.gov/publications/nistpubs/800-94/SP800-94.pdf. 5) Frawley et.al. "Knowledge Discovery in Databases: An Overview". AI Magazine, ISSN 0738-4602,pp.213-228. 6) Hand et.al.” Principles of Data Mining”, MIT Press, Cambridge, MA. ISBN 0-262- 08290-X, 2001. 7) Lee W, Salvatore Department” Data Mining Approaches for Intrusion Detection [M]”, New York, NY: Computer Science Department, Columbia University, 1996. 8) Liu Wei, “Research of Data Mining in Intrusion Detection System and the uncertainty of the attack”, 978-1-4244-5273-6/09, IEEE, 2009. 12

13 13

Download ppt "1. ABSTRACT Information access through Internet provides intruders various ways of attacking a computer system. Establishment of a safe and strong network."

Similar presentations

Intrusion Detection Systems (I) CS 6262 Fall 02. Definitions Intrusion Intrusion A set of actions aimed to compromise the security goals, namely A set.

Intrusion Detection Systems (I) CS 6262 Fall 02. Definitions Intrusion Intrusion A set of actions aimed to compromise the security goals, namely A set.
Enhancing Security Using Mobile Based Anomaly Detection in Cellular Mobile Networks Bo Sun, Fei Yu, KuiWu, Yang Xiao, and Victor C. M. Leung. Presented.

Enhancing Security Using Mobile Based Anomaly Detection in Cellular Mobile Networks Bo Sun, Fei Yu, KuiWu, Yang Xiao, and Victor C. M. Leung. Presented.
Performance Evaluation of the Fuzzy ARTMAP for Network Intrusion Detection Nelcileno Araújo Ruy de Oliveira Ed’Wilson Tavares Ferreira Valtemir Nascimento.

Performance Evaluation of the Fuzzy ARTMAP for Network Intrusion Detection Nelcileno Araújo Ruy de Oliveira Ed’Wilson Tavares Ferreira Valtemir Nascimento.
Data Mining and Intrusion Detection

Data Mining and Intrusion Detection
Cyber Threat Analysis  Intrusions are actions that attempt to bypass security mechanisms of computer systems  Intrusions are caused by:  Attackers accessing.

Cyber Threat Analysis  Intrusions are actions that attempt to bypass security mechanisms of computer systems  Intrusions are caused by:  Attackers accessing.
Intrusion Detection and Containment in Database Systems Abhijit Bhosale M.Tech (IT) School of Information Technology, IIT Kharagpur.

Intrusion Detection and Containment in Database Systems Abhijit Bhosale M.Tech (IT) School of Information Technology, IIT Kharagpur.
IDS/IPS Definition and Classification

IDS/IPS Definition and Classification
Intrusion Detection Systems and Practices

Intrusion Detection Systems and Practices
Report on Intrusion Detection and Data Fusion By Ganesh Godavari.

Report on Intrusion Detection and Data Fusion By Ganesh Godavari.
5/1/2006Sireesha/IDS1 Intrusion Detection Systems (A preliminary study) Sireesha Dasaraju CS526 - Advanced Internet Systems UCCS.

5/1/2006Sireesha/IDS1 Intrusion Detection Systems (A preliminary study) Sireesha Dasaraju CS526 - Advanced Internet Systems UCCS.
This work is supported by the National Science Foundation under Grant Number DUE-0302909. Any opinions, findings and conclusions or recommendations expressed.

This work is supported by the National Science Foundation under Grant Number DUE Any opinions, findings and conclusions or recommendations expressed.
Unsupervised Intrusion Detection Using Clustering Approach Muhammet Kabukçu Sefa Kılıç Ferhat Kutlu Teoman Toraman 1/29.

Unsupervised Intrusion Detection Using Clustering Approach Muhammet Kabukçu Sefa Kılıç Ferhat Kutlu Teoman Toraman 1/29.
Data Mining By Archana Ketkar.

Data Mining By Archana Ketkar.
Applied Cryptography for Network Security

Applied Cryptography for Network Security
Mining Behavior Models Wenke Lee College of Computing Georgia Institute of Technology.

Mining Behavior Models Wenke Lee College of Computing Georgia Institute of Technology.
A survey of commercial tools for intrusion detection 1. Introduction 2. Systems analyzed 3. Methodology 4. Results 5. Conclusions Cao er Kai. INSA lab.

A survey of commercial tools for intrusion detection 1. Introduction 2. Systems analyzed 3. Methodology 4. Results 5. Conclusions Cao er Kai. INSA lab.
seminar on Intrusion detection system

seminar on Intrusion detection system
Intrusion Detection Systems. Definitions Intrusion –A set of actions aimed to compromise the security goals, namely Integrity, confidentiality, or availability,

Intrusion Detection Systems. Definitions Intrusion –A set of actions aimed to compromise the security goals, namely Integrity, confidentiality, or availability,
John Felber.  Sources  What is an Intrusion Detection System  Types of Intrusion Detection Systems  How an IDS Works  Detection Methods  Issues.

John Felber.  Sources  What is an Intrusion Detection System  Types of Intrusion Detection Systems  How an IDS Works  Detection Methods  Issues.
Lecture 11 Intrusion Detection (cont)

Lecture 11 Intrusion Detection (cont)

Similar presentations

Ads by Google