Title :
Developing a Host Intrusion Prevention System by Using Data Mining
Author :
Al-Hamami, Alaa Hussein ; Alawneh, T.
Abstract :
Intrusion Prevention Systems (IPS) is the most important solution for providing a high level of security all over the networks today. IPS is evolving recently in a way that is expected eventually to replace other security solutions such as firewalls and anti-viruses. To over come the static signature detecting mechanism to identify intruders that exists in all host based IPSs which in turn needs to be updated from time to time to insure the most accurate detection. In this paper we introduce a four tier host based IPS that uses data mining technique, namely decision tree, as a detecting mechanism. The input parameters for the prior decision tree algorithm are the most infected or targeted computer resources by intruders, instead of a static signature database. Three test scenarios were performed to investigate the ability of the proposed IPS to classify intruders correctly.
Keywords :
computer network security; data mining; decision trees; digital signatures; computer resources; data mining; decision tree algorithm; four-tier host-based IPS; host intrusion prevention system; input parameters; intruder classification; intruder identification; static signature database; static signature detection mechanism; Intrusion prevention system; and information security; data mining; decision tree; intruder;
Conference_Titel :
Advanced Computer Science Applications and Technologies (ACSAT), 2012 International Conference on
Conference_Location :
Kuala Lumpur
Print_ISBN :
978-1-4673-5832-3
DOI :
10.1109/ACSAT.2012.103
