Advanced Security Incident Analysis with Sensor Correlation

Author(s):  
Ciza Thomas ◽  
N. Balakrishnan

This chapter explores the general problem of attacks that are poorly detected by Intrusion Detection Systems. The poorly detected attacks are characterized by features that do not discriminate them well. The poor performance of the detectors has been improved by discriminative training of anomaly detectors and by incorporating additional rules into the misuse detector. This chapter proposes a new machine learning approach in which the corresponding learning problem is characterized by a number of features. This chapter discusses the improved performance of multiple Intrusion Detection Systems using Data-dependent Decision fusion. The Data-dependent Decision fusion approach gathers an in-depth understanding of the input traffic and also of the behavior of the individual Intrusion Detection Systems by means of a neural network learner unit. This information is used to fine-tune the fusion unit, since the fusion depends on the input feature vector. Thus fusion implements a function that is local to each region in the feature space. It is well known that the effectiveness of sensor fusion improves when the individual IDSs are uncorrelated. The training methodology adopted in this work takes note of this fact. For illustrative purposes, the DARPA 1999 data set has been used. The Data-dependent Decision fusion shows a significantly better performance with respect to the performance of the individual Intrusion Detection Systems.

Author(s):  
Ciza Thomas ◽  
N. Balakrishnan

Intrusion Detection Systems form an important component of network defense. Because of the heterogeneity of the attacks, it has not been possible to make a single Intrusion Detection System that is capable of detecting all types of attacks with acceptable levels of accuracy. In this chapter, the distinct advantage of sensor fusion over individual IDSs is proved. The detection rate and the false positive rate quantify the performance benefit obtained through the fixing of threshold bounds. Also, the more independent and distinct the attack space is for the individual IDSs, the better the fusion of Intrusion Detection Systems performs. A simple theoretical model is initially illustrated and later supplemented with experimental evaluation. The chapter demonstrates that the proposed fusion technique is more flexible and also outperforms other existing fusion techniques such as OR, AND, SVM, and ANN, using the real-world network traffic embedded with attacks.


2020 ◽  
Vol 17 (1) ◽  
pp. 434-438
Author(s):  
D. Karthikeyan ◽  
V. Mohanraj ◽  
Y. Suresh ◽  
J. Senthilkumar

An Intrusion Detection System (IDS) is a software or device used to monitor a system or network for malicious activity. Thus, effective intrusion detection of different attacks. Existing studies prove the value of data mining methods in Intrusion Detection Systems (IDS). We focus on improving the intrusion detection rate of IDS using Data Mining techniques. We implement a new classifier ensemble based intrusion detection system (CEBIDS) using hybrid detection approaches. CEBIDS, which combines feature-level and data-level techniques in the WEKA tool with the KDD Cup '99 dataset, enhances the detection rate in a significant manner.


Intrusion Detection Systems (IDSs) have been crucial in defending against intrusive attacks (both active and passive) in various application scenarios in recent times. Over the years, many research activities have been carried out on intrusion detection systems. The IDSs have evolved over time with various detection methodologies, approaches, and technology types. After several evaluations and different approaches, the IDSs still face a major challenge: performance improvement. This improvement can be quantified in two broad ways: the detection rate and the rate of false positives. The improved performance involves the efficiency and accuracy of detection. The efficiency can be attributed to performance in the case of a very high number of attacks, and the accuracy can be attributed to a significantly low number of false positives. In the same context, we have found that IoT networks, which are in high demand in recent times, also suffer from such attacks in operational environments due to limited storage and processing capabilities. In order to protect IoT applications, the scenario necessitates an IDS that is lightweight in implementation and provides a significantly higher level of accuracy, on a par with the IDSs implemented in conventional networks. In this work, we have proposed an improved technique for performance improvement of IDSs in the IoT domain.


Author(s):  
Saumya Saraswat ◽  
Rahul Yadav ◽  
Phalguni Pathak

The idea of making everything available easily and universally has led to a revolution in the field of networking. Despite the tremendous growth of technologies in the field of networks and information technology, we still cannot avoid the theft / attack of our resources. This may not apply to small organizations, but it is a serious problem regarding industry / business or national security. Organizations face an increasing number of threats every day in the form of viruses, intrusions, etc. Although organizations have opted for many different mechanisms in the form of intrusion detection and prevention systems to protect themselves from this type of attack, there are still many security breaches that go undetected. To understand safety hazards and intrusion detection and prevention systems (IDPS), we will first analyze common security breaches and then discuss the different opportunities and challenges in this particular field. In this document, we conducted a survey on the overall progress of intrusion detection systems. We analyze the existing types, techniques and architectures of intrusion detection systems in the literature. Finally, the future scope is mentioned.

