Dynamic Intrusion alerts generation and Aggregation using Intelligent IDS

 
International Journal of Computer Trends and Technology (IJCTT)

© - July Issue 2013 by IJCTT Journal
Volume-4 Issue-7
Year of Publication: 2013
Authors: Mrs. Sudha Singaraju, G. Srikanth

MLA

Mrs. Sudha Singaraju, G. Srikanth. "Dynamic Intrusion alerts generation and Aggregation using Intelligent IDS". International Journal of Computer Trends and Technology (IJCTT), V4(7):2131-2134, July Issue 2013. ISSN 2231-2803. www.ijcttjournal.org. Published by Seventh Sense Research Group.

Abstract: Alert aggregation is an essential subtask of intrusion detection. Protecting our data on the internet carries great risk, since intruders and hackers are always ready to grab it. Intrusion detection systems have been introduced to identify unauthorized users and to cluster the different alerts produced by low-level intrusion detection systems and firewalls. Meta-alerts are generated for these clusters; they retain the relevant information while reducing the amount of data substantially. Each cluster corresponds to a specific attack instance that an attacker initiated at a certain point in time. The meta-alerts may be the basis for reporting to security experts or for communication within a distributed intrusion detection system. In this paper, we propose a novel technique for online alert aggregation that is based on a dynamic, probabilistic model of the current attack situation. The estimation of the model parameters can be regarded as a data-stream version of a maximum likelihood approach. Meta-alerts are generated with a delay of typically only a few seconds after the first alerts belonging to a new attack instance. With three benchmark data sets we demonstrate that high reduction rates can be achieved while the number of missing meta-alerts is extremely low.
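To illustrate the kind of online aggregation the abstract describes, here is an added example that is not the authors' code or model: a toy Python clusterer that keeps per-cluster maximum likelihood estimates of a categorical distribution over alert attributes, assigns each incoming alert to the most likely recent cluster or opens a new one, and emits a meta-alert once a cluster holds a minimum number of alerts. The alert stream, the attribute names (src, dst, sig), the smoothing, the likelihood threshold and the time gap are all constructed for the illustration.

```python
# Added example (not the authors' code): toy online alert aggregation. A cluster
# keeps ML estimates of a categorical model over the alert attributes, updated as
# the stream arrives; an alert joins the most likely recent cluster or opens one.
from collections import Counter
from dataclasses import dataclass, field

FIELDS = ("src", "dst", "sig")  # constructed attribute names of a low-level alert

@dataclass
class Cluster:
    cid: int
    first_ts: float
    last_ts: float
    n: int = 0
    counts: dict = field(default_factory=lambda: {f: Counter() for f in FIELDS})

    def likelihood(self, alert, smoothing=0.1):
        # Product over attributes of smoothed P(value | cluster); the +1 category
        # keeps probability mass for a value this cluster has not seen yet.
        p = 1.0
        for f in FIELDS:
            k = len(self.counts[f]) + 1
            p *= (self.counts[f][alert[f]] + smoothing) / (self.n + smoothing * k)
        return p

    def add(self, alert):  # incremental ML update: just bump the counts
        for f in FIELDS:
            self.counts[f][alert[f]] += 1
        self.n += 1
        self.last_ts = alert["ts"]

def aggregate(alerts, threshold=0.01, gap=30.0, min_size=2):
    """Return (clusters, meta_alerts); a meta-alert is emitted once a cluster holds min_size alerts."""
    clusters, metas = [], []
    for a in alerts:
        recent = [c for c in clusters if a["ts"] - c.last_ts <= gap]
        best = max(recent, key=lambda c: c.likelihood(a), default=None)
        if best is None or best.likelihood(a) < threshold:
            best = Cluster(cid=len(clusters) + 1, first_ts=a["ts"], last_ts=a["ts"])
            clusters.append(best)
        best.add(a)
        if best.n == min_size:  # reporting delay = time since the cluster's first alert
            metas.append({"cluster": best.cid, "delay": a["ts"] - best.first_ts,
                          **{f: best.counts[f].most_common(1)[0][0] for f in FIELDS}})
    return clusters, metas

# Constructed stream: a port scan on two targets interleaved with an SSH brute
# force, then one scan alert far outside the time gap (it opens a new cluster).
SAMPLE_ALERTS = [
    {"ts": 0.0, "src": "10.0.0.5", "dst": "10.0.0.20", "sig": "portscan"},
    {"ts": 1.0, "src": "10.0.0.5", "dst": "10.0.0.21", "sig": "portscan"},
    {"ts": 1.5, "src": "10.0.0.9", "dst": "10.0.0.21", "sig": "ssh-bruteforce"},
    {"ts": 2.0, "src": "10.0.0.5", "dst": "10.0.0.20", "sig": "portscan"},
    {"ts": 2.5, "src": "10.0.0.9", "dst": "10.0.0.21", "sig": "ssh-bruteforce"},
    {"ts": 200.0, "src": "10.0.0.5", "dst": "10.0.0.20", "sig": "portscan"},
]
```

Running `aggregate(SAMPLE_ALERTS)` yields three clusters (scan, brute force, late scan) and two meta-alerts, each reported one second after its cluster's first alert; the late scan never reaches `min_size`, so no meta-alert is produced for it.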

 


Keywords: Intrusion Detection System, Alert Aggregation, different layers, Meta alerts.