Intrusion detection and attack pattern recognition system using classification and association data mining combination technique
The emergence of the World Wide Web (WWW) has changed the paradigm of how information is obtained. As the demand for information grows and calls for fast, highly reliable machines, data security becomes essential to preserving service capability when a user requests a service. There is a need for an intelligent machine that detects any intrusion attempt that may jeopardize the integrity of information retrieval from network computers. Current network security applications such as SNORT or Bro pioneered the detection of known intrusion attempts by applying a pattern-matching algorithm to rules for known security threats. The later advent of the anomaly detection system (ADS) enhanced the capability of detecting unknown threats that are not detected by SNORT or Bro. However, these two systems are not without faults or weaknesses. One of their major drawbacks is a high false alarm rate. It is therefore in the best interest of this research to develop a sufficiently reliable system that detects genuine security threats, improving the dependability of the system. This research offers a new feature in the ADS, the attack pattern recognition system (APRS), which calculates the cost of determining a potential security threat for a specific rule. The research then offers a multi-staged classification technique for the misuse detection system, which will automate the intrusion detection method for misuse detection. In conclusion, this system will improve performance by reducing the false alarm rate. It will thus provide sufficient dependability for detecting anomalous data in network computers.