• DocumentCode
    2194518
  • Title

    The Design and Implementation of Host-Based Intrusion Detection System

  • Author

    Lin Ying ; Zhang Yan ; Ou Yang-jia

  • Author_Institution
    Sch. of Software, Yunnan Univ., Kunming, China
  • fYear
    2010
  • fDate
    2-4 April 2010
  • Firstpage
    595
  • Lastpage
    598
  • Abstract
    Intrusion detection is the process of identifying and responding to suspicious activities targeted at computing and communication resources, and it has become the mainstream of information assurance with the dramatic increase in the number of attacks. An intrusion detection system (IDS) monitors and collects data from a target system that should be protected, processes and correlates the gathered information, and initiates responses when evidence of an intrusion is detected. In this paper, we designed and implemented a host-based intrusion detection system that combines two detection technologies: log file analysis technology and BP neural network technology. Log file analysis is an approach to misuse detection, and the BP neural network is an approach to anomaly detection. By combining these two kinds of detection technologies, the HIDS that we have implemented can effectively improve the efficiency and accuracy of intrusion detection.
  • Keywords
    backpropagation; data analysis; neural nets; security of data; BP neural network; anomaly detection; backpropagation; host-based intrusion detection system; log file analysis; Computer displays; Computer security; Decoding; Information analysis; Information technology; Intrusion detection; Neural networks; Pattern matching; Protection; Telecommunication traffic; BP neural network; HIDS; Log analysis; OSSEC; intrusion detection; intrusion detection system;
  • fLanguage
    English
  • Publisher
    IEEE
  • Conference_Titel
    Intelligent Information Technology and Security Informatics (IITSI), 2010 Third International Symposium on
  • Conference_Location
    Jinggangshan
  • Print_ISBN
    978-1-4244-6730-3
  • Electronic_ISBN
    978-1-4244-6743-3
  • Type

    conf

  • DOI
    10.1109/IITSI.2010.127
  • Filename
    5453694