Data Mining and Forensic Techniques for Internal Intrusion Detection and Protection System

The IDPS uses a local computational grid to detect malicious behaviors in a real-time manner. In this paper, the system proposes a security system, named the Intrusion Detection and Protection System (IDPS for short) at system call level, which creates personal profiles for users to keep track of their usage habits as the forensic features. The proposed work is regarded with Digital forensics technique and intrusion detection mechanism. The number of hacking and intrusion incidents is increasing alarmingly each year as new technology rolls out. In this project, the system designed Intrusion Detection System (IDS) that implements predefined algorithms for identifying the attacks over a network. Therefore, in this project, a security system, named the Internal Intrusion Detection and Protection System (IIDPS), is proposed to detect insider attacks at SC level by using data mining and forensic techniques. The system can identify a user’s forensic features by analyzing the corresponding SCs to enhance the accuracy of attack detection, and able to port the IIDPS to enhance the time efficiency we are using a Hadoop for process big data and K-Means theory for classification and a parallel system to further shorten its detection response time.