
Internal Intrusion Detection and Protection System using Data Mining and Forensic Technique

Author(s):

Sayyeda Zeba, SECAB Institute of Engineering and Technology; Zarinabegam K Mundargi, SECAB Institute of Engineering and Technology

Keywords:

Intrusion Detection, Data Mining, Forensic Technique

Abstract

Currently, most computer systems use user IDs and passwords as login patterns to authenticate users. However, many people share their login patterns with co-workers and ask them to assist with shared tasks, which makes the login pattern one of the weakest points of computer security. Insider attackers, the valid users of a system who attack it internally, are hard to detect because most intrusion detection systems and firewalls identify and isolate only malicious behaviour launched from outside the system. In addition, some studies claim that analysing the system calls (SCs) generated by commands can identify those commands and thereby accurately detect attacks, with attack patterns serving as the features of an attack. Therefore, a security system named the Internal Intrusion Detection and Protection System (IIDPS) is proposed to detect insider attacks at the SC level by using data mining and forensic techniques. The IIDPS creates users' personal profiles to keep track of their usage habits as forensic features, and it determines whether a valid login user is the account holder by comparing his/her current computer usage behaviours with the patterns collected in the account holder's personal profile. The experimental results demonstrate that the IIDPS's user identification accuracy is 94.29%, whereas the response time is less than 0.45 s, implying that it can protect a system from insider attacks effectively and efficiently.

Other Details

Paper ID: IJSRDV6I40629
Published in: Volume 6, Issue 4
Publication Date: 01/07/2018
Page(s): 755-757
