A Structured Approach to Selecting Data Collection Mechanisms for Intrusion Detection

2011 ◽  
pp. 1-39
Author(s):  
Ulf E. Larson ◽  
Erland Jonsson ◽  
Stefan Lindskog
Keyword(s):  
Data Collection ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection System ◽  
Log Data ◽  
Detailed Explanation ◽  
Generic Data ◽  
Efficient Data ◽  
Structured Approach ◽  
Efficient Data Collection

This chapter aims at providing a clear and concise picture of data collection for intrusion detection. It provides a detailed explanation of generic data collection mechanism components and the interaction with the environment, from initial triggering to output of log data records. Taxonomies of mechanism characteristics and deployment considerations are provided and discussed. Furthermore, guidelines and hints for mechanism selection and deployment are provided. The guidelines are aimed to assist intrusion detection system developers, designers, and operators in selecting mechanisms for resource efficient data collection.

Guidance for Selecting Data Collection Mechanisms for Intrusion Detection

2015 ◽  
pp. 340-370
Author(s):  
Ulf Larson ◽  
Erland Jonsson ◽  
Stefan Lindskog
Keyword(s):  
Data Collection ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection System ◽  
Log Data ◽  
Detailed Explanation ◽  
Generic Data ◽  
Efficient Data ◽  
Efficient Data Collection

This chapter aims at providing a clear and concise picture of data collection for intrusion detection. It provides a detailed explanation of generic data collection mechanism components and the interaction with the environment, from initial triggering to output of log data records. Taxonomies of mechanism characteristics and deployment considerations are provided and discussed. Furthermore, guidelines and hints for mechanism selection and deployment are provided. Finally, this chapter presents a set of strategies for determining what data to collect, and it also discusses some of the challenges in the field. An appendix providing a classification of 50 studied mechanisms is also provided. This chapter aims at assisting intrusion detection system developers, designers, and operators in selecting mechanisms for resource-efficient data collection.

scholarly journals A determinant fuzzy apparoach for intrusion detection system

2018 ◽  
Vol 7 (1.9) ◽  
pp. 245
Author(s):  
S. Vimala ◽  
V. Khanna ◽  
C. Nalini
Keyword(s):  
Data Collection ◽  
Intrusion Detection ◽  
False Alarm ◽  
False Alarm Rate ◽  
Great Degree ◽  
Intrusion Detection System ◽  
Detection System ◽  
Information Mining ◽  
The Past ◽  
Recognition Systems

In MANETs, versatile hubs can impart transparently to each other without the need of predefined framework. Interruption location framework is a fundamental bit of security for MANETs. It is uncommonly convincing for identifying the Intrusions and for the most part used to supplement for other security segment. That is the reason Intrusion discovery framework (IDS) is known as the second mass of assurance for any survivable framework security. The proposed fluffy based IDSs for recognition of Intrusions in MANETs are not prepared to adjust up all sort of assaults. We have examined that all proposed fluffy based IDSs are seen as to a great degree obliged segments or qualities for data collection which is specific for a particular assault. So that these IDSs are simply recognize the particular assault in MANETs. The fluffy motor may perceive blockage from channel mistake conditions, and along these lines helps the TCP blunder discovery. Examination has been made on the issues for upgrading the steady quality and precision of the decisions in MANET. This approach offers a strategy for joining remote units' estimation comes to fruition with alliance information open or priori decided at conglomerating hubs. In our investigation work, the best need was to reduce the measure of information required for getting ready and the false alarm rate. We are chiefly endeavoring to improve the execution of a present framework rather than endeavoring to supplant current Intrusion recognition systems with an information mining approach. While current mark based Intrusion identification procedures have imperatives as communicated in the past region, they do even now give basic organizations and this normal us to choose how information mining could be used as a piece of a correlative way to deal with existing measures and improves it.

scholarly journals A Security Concept Based on Scaler Distribution of a Novel Intrusion Detection Device for Wireless Sensor Networks in a Smart Environment

Sensors ◽  
2020 ◽  
Vol 20 (17) ◽  
pp. 4717 ◽  
Author(s):  
Kenneth Rodolphe Chabi Boni ◽  
Lizhong Xu ◽  
Zhe Chen ◽  
Thelma Dede Baddoo
Keyword(s):  
Data Collection ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Electronic Device ◽  
Detection System ◽  
Wireless Sensor ◽  
Smart Environments ◽  
Feedback Signal ◽  
Smart Environment ◽  
Sensor Security

Following the significant improvement of technology in terms of data collection and treatment during the last decades, the notion of a smart environment has widely taken an important pedestal in the science industry. Built in order to better manage assets, smart environments provide a livable environment for users or citizens through the deployment of sensors responsible for data collection. Much research has been done to provide security to the involved data, which are extremely sensitive. However, due to the small size and the memory constraint of the sensors, many of these works are difficult to implement. In this paper, a different concept for wireless sensor security in smart environments is presented. The proposed security system, which is based on the scaler distribution of a novel electronic device, the intrusion detection system (IDS), reduces the computational functions of the sensors and therefore maximizes their efficiency. The IDS also introduces the concept of the feedback signal and “trust table” used to trigger the detection and isolation mechanism in case of attacks. Generally, it ensures the whole network security through cooperation with other IDSs and, therefore, eliminates the problem of security holes that may occur while adopting such a security technique.

Sign in / Sign up

Export Citation Format

Share Document