Dynamic Intrusion alerts generation and Aggregation using Intelligent IDS
International Journal of Computer Trends and Technology (IJCTT)
© July Issue 2013 by IJCTT Journal
Volume 4, Issue 7
Year of Publication: 2013
Authors: Mrs. Sudha Singaraju, G. Srikanth
Mrs. Sudha Singaraju, G. Srikanth, "Dynamic Intrusion alerts generation and Aggregation using Intelligent IDS", International Journal of Computer Trends and Technology (IJCTT), V4(7):2131-2134, July Issue 2013. ISSN 2231-2803. www.ijcttjournal.org. Published by Seventh Sense Research Group.
Abstract: Alert aggregation is an essential subtask of intrusion detection. Protecting our data on the Internet carries great risk, since intruders and hackers are always ready to grab it. Intrusion detection systems have been introduced to identify unauthorized users and to cluster the different alerts produced by low-level intrusion detection systems and firewalls. Meta-alerts generated for these clusters retain the relevant information while reducing the amount of data substantially. Each cluster corresponds to a specific attack instance initiated by an attacker at a certain point in time. The meta-alerts may be the basis for reporting to security experts or for communication within a distributed intrusion detection system. In this paper, we propose a novel technique for online alert aggregation which is based on a dynamic, probabilistic model of the current attack situation. The estimation of the model parameters can be regarded as a data stream version of a maximum likelihood approach. Meta-alerts are generated with a delay of typically only a few seconds after the first alerts belonging to a new attack instance are observed. Experiments on three benchmark data sets demonstrate that reduction rates can be achieved while the number of missing meta-alerts remains extremely low.
Keywords: Intrusion Detection System, Alert Aggregation, different layers, Meta alerts.