The week's pick
Random Articles
Reseach Article
An MMO based Approach to Detect and Prevent Intrusion
| International Journal of Computer Applications |
| Foundation of Computer Science (FCS), NY, USA |
| Volume 78 - Number 8 |
| Year of Publication: 2013 |
| Authors: Vasima Khan, Kiran Pandey |
10.5120/13507-1256
|
Vasima Khan, Kiran Pandey . An MMO based Approach to Detect and Prevent Intrusion. International Journal of Computer Applications. 78, 8 ( September 2013), 6-10. DOI=10.5120/13507-1256
Abstract
Due to quick advances in network and communication engineering, fast development of open source Internet network tools and technologies, per hour ratio of the exchange of privacy or confidentiality of the data in the form simple or complex files over the network, the Government's planning or any confidential amendment information, or any other important evidence of the agreement or deal If all these has been attacked or stolen by the malicious as a intention of tampering, will results catastrophic penalty for the society. So that the cost of securing such information is worthless as compared to the valuable information is the modern concept and current trends for research in the field of network protection technology [1]. Most of the IDS and IPS are based on two fundamental mechanisms; Misuse detection or signature based detection [2]. Signature based systems are simple to create and efficient to operate, but are only effective against known types of attack that has fixed pattern while Anomaly detection mechanisms, on the other hand, create a profile of typical behavior for a user and raise an alert when a user attempts an activity that does not fit his/her profile. This approach tends to be highly complete in that it can detect a previously unknown attack pattern, but it requires significant effort to develop algorithms that can create accurate user profiles. In this paper a behavioral based anomaly detector solution has been proposed based on the idea inferred from [2] and [4]. The novel thing about the proposed technique is the idea of MMO (Means, Motive and Opportunity) which speedup the detection rate and enhanced the capability of catching unknown attacks by applying anomaly on them. Proposed system has been applied on real-time traffic (flows) and obtained results found much more satisfactory. For sniffing real time traffic ourmon monitoring tool has been deployed on ubuntu 13. 04.
References
- Lin Keming "A Network Invasion Model Based on Information Feedback", Elsevier, SciVerse Science Direct, Procedia Engineering 15 (2011) 5498 – 5502.
- Rathore, J. S. , Saurav, P. and Verma, B. "AgentOuro: A Novelty Based Intrusion Detection and Prevention System", IEEE, Fourth International Conference on Computational Intelligence and Communication Networks (CICN), 2012.
- KDD09. INTRUSION DETECTOR LEARNING [EB/OL]. . http://kdd. ics. uci. edu/databases/kddcup99/task. html, 2010-09-19.
- Vincent H. Berk, George Cybenko, Ian Gregorio-de Souza, and John P. Murphy "Managing Malicious Insider Risk through BANDIT", IEEE, 45th Hawaii International Conference on System Sciences, 2012.
- Vasima Khan "Anomaly Based Intrusion Detection And Prevention System", International Journal of Engineering Research & Technology (IJERT), Vol. 2 Issue 3, March – 2013.
- Huy Anh Nguyen, Tam Van Nguyen, Dong Il Kim AND Deokjai Choi "Network Traffic Anomalies Detection and Identification with Flow Monitoring", IEEE, 2008.
- Mark Ciampa, "Security + Guide to Network Security Fundamentals Second Edition", Canada. Thomson Course Technology, 2003.
- Cheng-Yuan Ho, Yuan-Cheng Lai, I-Wei Chen, Fu-Yu Wang, and Wei-Hsuan Tai "Statistical Analysis of False Positives and False Negatives from Real Traffic with Intrusion Detection/Prevention Systems", IEEE Communications Magazine, pp. 146-154, 2012.
- Cristian I. Pinzón, Juan F. De Paz, Martí Navarroc, Javier Bajo, Vicente Julián and Juan. M. Corchado "Real-time CBR-agent with a mixture of experts in the reuse stage to classify and detect DoS attacks", Science Direct Elsevier, Applied Soft Computing 11 (2011) pp. 4384–4398, 2011.
- Hilmi Günes¸Kayac?k, A. Nur Zincir-Heywood and Malcolm I. Heywood "Can a good offense be a good defense? Vulnerability testing of anomaly detectors through an artificial arms race", Elsevier, Science Direct, Applied Soft Computing 11 (2011) pp. 4366–4383, 2011.
- Tarek S. Sobh and Wael M. Mostafa "A cooperative immunological approach for detecting network anomaly", Elsevier Science Direct, Applied Soft Computing 11 (2011) pp. 1275–1283, 2011.
- S. Venkatesan , M. S. Saleem Basha, C. Chellappan, Anurika Vaish and P. Dhavachelva "Analysis of accounting models to detect duplicate requests in web service", Elsevier Science Direct, Journal of King Saud University – Computer and Information Sciences (2012.
Index Terms
Keywords