International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 78 - Number 8
Year of Publication: 2013
Authors: Vasima Khan, Kiran Pandey
10.5120/13507-1256
Vasima Khan, Kiran Pandey. An MMO based Approach to Detect and Prevent Intrusion. International Journal of Computer Applications. 78, 8 (September 2013), 6-10. DOI=10.5120/13507-1256
Owing to rapid advances in network and communication engineering and the fast development of open-source Internet network tools and technologies, private or confidential data is exchanged over the network every hour in the form of simple or complex files, including government planning, confidential amendment information, and other important evidence of an agreement or deal. If any of this is attacked or stolen by a malicious party with the intention of tampering, the consequences for society are catastrophic. Because the cost of securing such information is negligible compared with the value of the information itself, network protection technology is a current research trend [1]. Most IDS and IPS are based on two fundamental mechanisms: misuse (signature-based) detection and anomaly detection [2]. Signature-based systems are simple to create and efficient to operate, but they are effective only against known types of attack that have a fixed pattern. Anomaly detection mechanisms, on the other hand, create a profile of typical behavior for a user and raise an alert when the user attempts an activity that does not fit that profile. This approach tends to be highly complete in that it can detect a previously unknown attack pattern, but it requires significant effort to develop algorithms that can create accurate user profiles. In this paper, a behavior-based anomaly detector is proposed, based on ideas inferred from [2] and [4]. The novelty of the proposed technique is the idea of MMO (Means, Motive and Opportunity), which speeds up the detection rate and enhances the capability of catching unknown attacks by applying anomaly detection to them. The proposed system has been applied to real-time traffic (flows), and the results obtained were found to be much more satisfactory. For sniffing real-time traffic, the ourmon monitoring tool was deployed on Ubuntu 13.04.