44,227 Hits in 5.5 sec

Building an Application Data Behavior Model for Intrusion Detection [chapter]

Olivier Sarrouy, Eric Totel, Bernard Jouga
2009 Lecture Notes in Computer Science  
Our proposal relies on a data oriented behavioral model that builds the application profile out of dynamically extracted invariant constraints on the application data items.  ...  Application level intrusion detection systems usually rely on the immunological approach.  ...  of application Level Intrusion detection system) project.  ... 
doi:10.1007/978-3-642-03007-9_21 fatcat:a4l44alkcfhxjhbfqzyo2vql4a

Computer Security and Intrusion detection System-A Data Mining Based Approach

Neetu Anand, Tapas Kumar
2017 International Journal of Scientific Research and Management  
This paper focused on how data mining is used for Intrusion detection System  ...  We must have measures in place to detect security breaches, i.e., identify intruders and intrusions.  ...  In the data exploration phase, traditional data analysis tools, for example, statistics, are used to explore the data. Phase III: Data preparation -Build the data model for the modeling process.  ... 
doi:10.18535/ijsrm/v5i6.33 fatcat:nt3hwl4b2jedbmsbq4dizvlsnq

Post-Attack Intrusion Detection using Log Files Analysis

Apurva S., Deepak R.
2015 International Journal of Computer Applications  
In this paper a comparative study is done on different approaches for detecting intrusion on single host.  ...  Information security is always a main concern of an organization. It is always a challenging job to design a precise Intrusion detection system(IDS) which will detect the intrusions.  ...  To build a profile of normal behavior first selected some attack free log files. Due to large size of system call data a reduction model is used to compress the content of log files.  ... 
doi:10.5120/ijca2015906731 fatcat:q2l6j4h25ve3zd56b6mcsc7zny

Cybersecurity data science: an overview from machine learning perspective

Iqbal H. Sarker, A. S. M. Kayes, Shahriar Badsha, Hamed Alqahtani, Paul Watters, Alex Ng
2020 Journal of Big Data  
Extracting security incident patterns or insights from cybersecurity data and building corresponding data-driven model, is the key to make a security system automated and intelligent.  ...  Overall, our goal is not only to discuss cybersecurity data science and relevant methods but also to focus the applicability towards data-driven intelligent decision making for protecting the systems from  ...  Acknowledgements The authors would like to thank all the reviewers for their rigorous review and comments in several revision rounds.  ... 
doi:10.1186/s40537-020-00318-5 fatcat:i5qjz55m7fcudoxhstzlj3akzu

Implementation of Fault Tolerant Architecture in Decentralized Intrusion Detection System

Surbhi Chauhan
2012 IOSR Journal of Engineering  
And to build perapplication based profile for authorized users.  ...  The aim of this paper is to detect anomalous usage of legitimate applications by authorized users in Windows environment and to implement a faulttolerant architecture which can continue providing detection  ...  A related discipline is Program Profiling e.g. as in [4] , in which the normal behavior for an application program is modeled, usually for the purpose of detecting whether the program is doing anything  ... 
doi:10.9790/3021-0204915922 fatcat:ssnkmzvxuvc5lo33puplr5xuvm

Building an Intrusion-Detection System to Detect Suspicious Process Behavior

Andreas Wespi, Hervé Debar
1999 International Symposium on Recent Advances in Intrusion Detection  
His research interests include intrusion detection, network security in general, and distributed and parallel computing.  ...  He holds an M. Sc. in Computer Science from the University of Berne, Switzerland.  ...  Comparing real process data with the process model: The goal of the detection component is to differentiate between normal and anomalous behavior.  ... 
dblp:conf/raid/WespiD99 fatcat:666uiszsovcz3f3a5m6mmwkulu

Behavioral Intrusion Detection [chapter]

Stefano Zanero
2004 Lecture Notes in Computer Science  
We briefly introduce a general framework for behavior detection and an algorithm for building a Markov-based model of behavior.  ...  We briefly introduce a general framework for behavior detection and an algorithm for building a Markov-based model of multiple classes of behavior.  ...  Case Study: Behavioral Intrusion Detection We acquired test data from a limited number of users of two different terminal systems, with about 10 users for each system and some months of data.  ... 
doi:10.1007/978-3-540-30182-0_66 fatcat:dzljdwj5uncevfmgbuwuyl4c54

Hybrid Intrusion Detection System Using K-means and J-48

Manvir Singh, Jatinder Singh Bal
2017 International Journal of Security and Its Applications  
For training and testing of hybrid intrusion detection model famous NSL-kdd dataset is used.  ...  based intrusion detection model is build using improved J-48 classification algorithm in this way the combine output of these two phases attains very higher detection accuracy.  ...  Intrusion Detection System An Intrusion Detection System is an application used for monitoring the network and protecting it from the intruder [15] .Intrusion detection system is an active research area  ... 
doi:10.14257/ijsia.2017.11.1.02 fatcat:nh2c5duplzbqfd6j6zhlo3eziu

An Intrusion Detection System with Home Installation Networks

Thomas Mundt,et al.
2014 International Journal of Computing and Digital Systems  
For this purpose we use anomaly detection in a similar way as in traditional network observing intrusion detection systems. We also present an example implementation utilizing outlier detection.  ...  In this paper we present a case study on how to build a home intrusion detection system based on data delivered by a house installation network.  ...  AN INTRUSION DETECTION SYSTEM FOR BUILDINGS In a straightforward approach for developing IDS for buildings we would look at all sensors observing the building.  ... 
doi:10.12785/ijcds/030102 fatcat:vmox2wdmrzbepb2vpiff6ed43m

An Efficient Hybrid Intrusion Detection System based on C5.0 and SVM

Vahid Golmah
2014 International Journal of Database Theory and Application  
The motivation for using the hybrid approach is to improve the accuracy of the intrusion detection system when compared to using individual SVM and individual SVM.  ...  Nowadays, much attention has been paid to intrusion detection system (IDS) which is closely linked to the safe use of network services.  ...  This approach requires construction of a model for normal user behavior. Any user behavior that deviates significantly from this normal behavior is flagged as an intrusion.  ... 
doi:10.14257/ijdta.2014.7.2.06 fatcat:ocvixio4tndenj2bbmelvy45ce

A Secure Network Detection System against Noisy Unlabeled Data

Shailesh Kumar Gaikwad, Vijay Shah, Yogendra Kumar Jain
2010 International Journal of Computer Applications  
Factors like noise in the audit data, mobility of the nodes, and the large amount of data generated by the network make it difficult to build a normal traffic profile of the network for the purpose of  ...  Most, if not all, systems deployed assume the availability of complete and clean data for the purpose of intrusion detection. We contend that this assumption is not valid.  ...  According to the generic architectural model of an intrusion detection system contains the following modules: Audit data collection Audit data storage Analysis and detection Configuration data  ... 
doi:10.5120/1416-1912 fatcat:jj237lbkzfcazez2qhmy6jdhzi

IntruDTree: A Machine Learning Based Cyber Security Intrusion Detection Model

Iqbal H. Sarker, Yoosef B. Abushark, Fawaz Alsolami, Asif Irshad Khan
2020 Symmetry  
Artificial intelligence, particularly machine learning techniques, can be used for building such a data-driven intelligent intrusion detection system.  ...  Thus, detecting various cyber-attacks or anomalies in a network and building an effective intrusion detection system that performs an essential role in today's security is becoming more important.  ...  On the other hand, an anomaly-based intrusion detection system examines the behavior of the network and finds patterns, automatically creates a data-driven model for profiling the normal behavior, and  ... 
doi:10.3390/sym12050754 fatcat:2cnjrwxsobbwflztn7phctnbey

Application-Specific Traffic Anomaly Detection Using Universal Background Model

Hassan Alizadeh, Samaeh Khoshrou, André Zúquete
2015 Proceedings of the 2015 ACM International Workshop on International Workshop on Security and Privacy Analytics - IWSPA '15  
This paper presents an application-specific intrusion detection framework in order to address the problem of detecting intrusions in individual applications when their traffic exhibits anomalies.  ...  Given traffic flows generated by individual genuine application, we exploit the GMM-UBM (Gaussian Mixture Model -Universal Background Model) method to build models for genuine applications, and thereby  ...  For each enrolled individual (application), an application specific model (APSM) is therefore obtained.  ... 
doi:10.1145/2713579.2713586 dblp:conf/codaspy/AlizadehKZ15 fatcat:2mk55vup4ff2fok5boyjw2iwjm

Incorporating Hidden Markov Model into Anomaly Detection Technique for Network Intrusion Detection

J. ChandrakantaBadajena, Chinmayee Rout
2012 International Journal of Computer Applications  
INDEX TERMS-Intrusion detection System, Anomaly detection technique, Hidden Markov Model, KDD Cup 1999 data set.  ...  This paper presents implementation of Intrusion Detection System (IDS) to model the behavior of users using Hidden Markov Model (HMM). This model attempts to detect intrusive attack efficiently.  ...  The main strategy of our paper is to build an anomaly detection system, a predictive model capable of discriminating between normal and abnormal behavior of network traffic.  ... 
doi:10.5120/8469-2395 fatcat:cckqcv6pmbe7pilgejruyomybu

How to secure web servers by the intrusion prevention system (IPS)?

Yousef Farhaoui
2016 International Journal of Advanced Computer Research  
Approaches by signature show limits on intrusion detection/attacks by the fact that most web vulnerabilities are specifically for specific applications may be developed in-house by companies.  ...  Behavioral methods are therefore an interesting approach in this area. An IPS (Intrusion Prevention System) is a tool that is used to enhance the security level.  ...  The basic principle of the behavioral approach is to build a reference model the behavior of the supervised entity (user, machine, service and application) to which we can compare the observed behavior  ... 
doi:10.19101/ijacr.2016.623028 fatcat:56lxkgfjqvba3lkiootwv6tvuu
« Previous Showing results 1 — 15 out of 44,227 results