A Method of Network Forensics Analysis Based on Frequent Sequence Mining

2011 ◽  
Vol 50-51 ◽  
pp. 578-582
Author(s):  
Xiu Yu Zhong

Because missed detections and false alarms occur frequently in intrusion detection systems (IDS), the evidence produced by IDS-based forensics systems is inefficient and of low credibility. Frequent sequence mining built on Jpcap is proposed for network forensics analysis. After capturing and filtering network packets, the system mines the data for frequent sequences, weighted by evidence relevance, to build and update an offense signature database, and in the network forensics analysis stage judges whether the current user's behavior is legal or not. Simulation results show that the frequent sequence mining algorithm can identify new criminal behavior and improve the credibility and efficiency of evidence in network forensics analysis.

2017 ◽  
Author(s):  
Andysah Putera Utama Siahaan

An intrusion detection system is built to protect the network against hackers, crackers and security experts whose actions may not comply with the law. Problems arise when new attacks emerge relatively quickly, because the network administrator must then create their signatures and keep up with every new type of attack that appears. An IDS oversees the packets on the network and compares them only against the signature database the IDS owns, that is, the attributes of attack attempts already known. Using an IDS makes network security stronger, and network administrators can more easily tell when network conditions change.
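The two abstracts above rest on the same object, a signature database: the first mines it from captured sessions and judges new sessions against it, the second matches packets against it and notes that an attack with no signature goes unseen. The following is an added example (not the code of either paper) that carries the first paper's pipeline through on constructed data. It assumes that packets have already been captured and filtered (by Jpcap or any other capture library) and reduced to one token per packet, "FLAG:dport", grouped per source host into a session; that PrefixSpan is the frequent sequence mining algorithm; and that "evidence relevance" means the gap between a pattern's frequency in attack sessions and in normal sessions. All sessions and the function names are this example's own.

```python
"""Frequent-sequence mining of captured sessions into an offense signature
database, then judging new sessions against it.

Added example, not the papers' code. Assumptions (see the lead-in):
tokens are "FLAG:dport" per packet, PrefixSpan is the miner, relevance is
attack frequency minus normal frequency. All sessions are constructed.
"""


def prefixspan(sequences, min_support, max_len=4):
    """Return {pattern: support} for every subsequence (gaps allowed) that
    occurs in at least min_support of the given sequences."""
    found = {}

    def grow(prefix, projected):
        # projected = [(sequence index, position just after the prefix match)]
        counts = {}
        for idx, pos in projected:
            for item in set(sequences[idx][pos:]):      # count once per sequence
                counts[item] = counts.get(item, 0) + 1
        for item, support in sorted(counts.items()):
            if support < min_support:
                continue
            pattern = prefix + (item,)
            found[pattern] = support
            if len(pattern) < max_len:
                nxt = []
                for idx, pos in projected:
                    seq = sequences[idx]
                    if item in seq[pos:]:
                        nxt.append((idx, seq.index(item, pos) + 1))
                grow(pattern, nxt)

    grow((), [(i, 0) for i in range(len(sequences))])
    return found


def contains(session, pattern):
    """True if pattern is a (possibly gapped) subsequence of session."""
    it = iter(session)
    return all(any(tok == want for tok in it) for want in pattern)


def build_signature_db(attack_sessions, normal_sessions,
                       min_support=2, min_len=2, min_relevance=0.5):
    """Mine the attack sessions and keep the patterns whose evidence
    relevance (attack frequency minus normal frequency) is high enough.
    Rebuilding with newly confirmed attack sessions is the 'update' step."""
    db = {}
    for pattern, support in prefixspan(attack_sessions, min_support).items():
        if len(pattern) < min_len:          # single packets are weak evidence
            continue
        in_normal = sum(contains(s, pattern) for s in normal_sessions)
        relevance = support / len(attack_sessions) - in_normal / len(normal_sessions)
        if relevance >= min_relevance:
            db[pattern] = relevance
    return db


def judge(session, db):
    """Forensics analysis stage: (legal?, matched signatures)."""
    matched = [p for p in db if contains(session, p)]
    return (not matched, matched)


ATTACK = [  # constructed port scans: SYN to a closed port answered by RST
    ["SYN:21", "RST:21", "SYN:22", "RST:22", "SYN:23", "RST:23"],
    ["SYN:22", "RST:22", "SYN:23", "RST:23", "SYN:80", "ACK:80"],
    ["SYN:21", "RST:21", "SYN:23", "RST:23", "SYN:25", "RST:25"],
]
NORMAL = [  # constructed ordinary web sessions
    ["SYN:80", "ACK:80", "PSH:80", "ACK:80", "FIN:80"],
    ["SYN:443", "ACK:443", "PSH:443", "FIN:443"],
    ["SYN:80", "ACK:80", "PSH:80", "FIN:80"],
]

if __name__ == "__main__":
    db = build_signature_db(ATTACK, NORMAL)
    for pattern, relevance in sorted(db.items(), key=lambda kv: -kv[1]):
        print(f"{relevance:.2f}  {' -> '.join(pattern)}")
    # a scan of ports never seen during mining still matches a mined subsequence
    print(judge(["SYN:23", "RST:23", "SYN:8080", "RST:8080"], db))
    print(judge(["SYN:80", "ACK:80", "PSH:80", "FIN:80"], db))
```

The last two calls show the point made in the second abstract from the other side: a scan that touches a port absent from the mined sessions is still caught because a frequent subsequence of it was, whereas a session sharing no frequent subsequence with any mined attack would be judged legal until its sessions are added and the database rebuilt.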


2010 ◽  
Vol 29-32 ◽  
pp. 790-795
Author(s):  
Yuan Bai ◽  
Zhong Ying Bai

Based on an analysis of relative and absolute traffic anomalies, a fully distributed intrusion detection system (DIDS) is built to detect and respond to flooding DoS (denial of service) attacks in a specific network area, using traffic trees as the data structure to store, process, communicate and combine abnormal data. A single component placed in a network element is called a Tree-Device, and all Tree-Devices together form a Tree-DIDS, a fully distributed IDS. Tree-Devices communicate with other devices in three ways and collaborate to detect attacks, which reduces communication cost. The fully distributed architecture avoids a single point of failure, while the double anomalies help to raise warnings earlier. Simulation results and performance analysis show that Tree-DIDS works effectively.
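As an added example (not the paper's code), the following shows what "double anomalies" buy over a single threshold: a relative anomaly, measured against a destination's own learned baseline, fires during the ramp-up of a flood before the absolute packet limit is reached, and the two together give a higher-confidence alert. It assumes that the traffic tree is a prefix trie over dotted-quad destination addresses (the abstract does not give the tree's layout), that every Tree-Device reports packet counts per destination for each interval, that the devices' trees are combined by summing, and that the thresholds, device names and sample records are constructed.

```python
"""Flooding-DoS detection from absolute and relative traffic anomalies,
with per-device traffic trees combined before judging.

Added example, not the paper's code. Assumptions (see the lead-in): prefix
trie layout, summed counts, constructed thresholds and records.
"""

ABS_THRESHOLD = 500   # packets per interval to one destination (assumed)
REL_FACTOR = 3.0      # current count versus learned baseline (assumed)
ALPHA = 0.3           # EWMA weight for the baseline (assumed)


class TrafficTree:
    """Each node holds the packet count under its address prefix, so a
    flood can be read off at host, /24 or /16 granularity."""

    def __init__(self):
        self.count = 0
        self.children = {}

    def add(self, dst_ip, packets=1):
        node = self
        node.count += packets
        for octet in dst_ip.split("."):
            node = node.children.setdefault(octet, TrafficTree())
            node.count += packets

    def lookup(self, prefix):
        """Packets seen under prefix, e.g. '10.0.0' or '10.0.0.5'."""
        node = self
        for octet in prefix.split("."):
            node = node.children.get(octet)
            if node is None:
                return 0
        return node.count

    def merge(self, other):
        """Combine another device's tree into this one; counts are summed."""
        self.count += other.count
        for octet, child in other.children.items():
            self.children.setdefault(octet, TrafficTree()).merge(child)
        return self


def judge(count, baseline):
    """Absolute anomaly: count above a fixed limit. Relative anomaly: count
    far above this destination's own baseline. Both -> ALERT, one -> WARNING."""
    absolute = count > ABS_THRESHOLD
    relative = baseline is not None and count > REL_FACTOR * baseline
    if absolute and relative:
        return "ALERT"
    if absolute or relative:
        return "WARNING"
    return "normal"


def detect(intervals, prefix):
    """intervals: one list of (device, dst_ip, packets) records per time
    slot. Returns [(combined count, verdict)] for the given prefix."""
    baseline = None
    verdicts = []
    for records in intervals:
        per_device = {}                      # each Tree-Device builds its own tree
        for device, dst, packets in records:
            per_device.setdefault(device, TrafficTree()).add(dst, packets)
        combined = TrafficTree()             # then the trees are combined
        for tree in per_device.values():
            combined.merge(tree)
        count = combined.lookup(prefix)
        verdict = judge(count, baseline)
        verdicts.append((count, verdict))
        if verdict == "normal":              # never learn a flood into the baseline
            baseline = count if baseline is None else ALPHA * count + (1 - ALPHA) * baseline
    return verdicts


INTERVALS = [  # constructed: two Tree-Devices watching the same hosts
    [("dev-a", "10.0.0.5", 60), ("dev-b", "10.0.0.5", 40), ("dev-a", "10.0.0.7", 20)],
    [("dev-a", "10.0.0.5", 70), ("dev-b", "10.0.0.5", 50), ("dev-b", "10.0.0.7", 25)],
    [("dev-a", "10.0.0.5", 55), ("dev-b", "10.0.0.5", 45)],
    [("dev-a", "10.0.0.5", 200), ("dev-b", "10.0.0.5", 180)],   # ramp-up: relative only
    [("dev-a", "10.0.0.5", 500), ("dev-b", "10.0.0.5", 450)],   # flood: both anomalies
]

if __name__ == "__main__":
    for count, verdict in detect(INTERVALS, "10.0.0.5"):
        print(f"{count:5d} packets -> {verdict}")
```

The fourth interval (380 packets) is below the absolute limit but more than three times the learned baseline, so it is already a WARNING; the fifth crosses both and becomes an ALERT. The absolute limit has to be set per network area: a host whose ordinary load sits above ABS_THRESHOLD would be flagged on every interval, and because anomalous intervals are not learned, its baseline would never form.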


IEEE Access ◽  
2020 ◽  
Vol 8 ◽  
pp. 106576-106584
Author(s):  
Anar A. Hady ◽  
Ali Ghubaish ◽  
Tara Salman ◽  
Devrim Unal ◽  
Raj Jain

Author(s):  
Andreas Jonathan Silaban ◽  
Satria Mandala ◽  
Erwid Mustofa Jadied

A semi-supervised, artificial-intelligence-based network intrusion detection system detects and identifies various types of attacks on network data in several steps: data preprocessing, feature extraction and classification. In this detection, feature extraction is used to identify the features of attacks in the data, while classification determines the type of attack. Growing network data directly causes slow response times and low IDS accuracy. This research studies the implementation of wrapper-based feature selection together with several classification algorithms to shorten detection time and increase accuracy. The wrapper is expected to select the best attack features, shortening detection time while increasing detection accuracy. In line with this goal, the research also studies the effect of the parameters used in the classification algorithms of the IDS. The experimental results show that with the wrapper the result is 81.275%, higher than the 46.027% obtained by the method without wrapping.
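As an added example (not the paper's code, data or results), the following shows the mechanism the abstract describes: a wrapper that scores candidate feature subsets by the accuracy of the classifier it wraps, and why dropping features can raise accuracy as well as cut detection time. It assumes a nearest-centroid classifier (the abstract names no algorithm), greedy forward selection scored on a validation split, and constructed flow records with four features, of which two (src_port, ttl) carry no class information and only add distance noise. Names and numbers are this example's own.

```python
"""Wrapper-based feature selection for an IDS classifier, comparing the
selected subset against using every feature.

Added example, not the paper's code or data. Assumptions (see the
lead-in): nearest-centroid classifier, greedy forward selection on a
validation split, constructed records.
Feature columns: syn_ratio, distinct_dst_ports, src_port, ttl.
"""
from math import sqrt

FEATURES = ["syn_ratio", "distinct_dst_ports", "src_port", "ttl"]

TRAIN = [  # constructed flow records, (features, label)
    ([0.10, 1, 40000, 64], "normal"), ([0.12, 2, 52000, 64], "normal"),
    ([0.95, 1, 12000, 128], "dos"),   ([0.89, 1, 61000, 128], "dos"),
    ([0.92, 48, 33000, 64], "probe"), ([0.90, 55, 45000, 255], "probe"),
]
VALID = [  # used by the wrapper to score feature subsets
    ([0.08, 1, 36000, 128], "normal"), ([0.15, 3, 46500, 255], "normal"),
    ([0.97, 1, 47000, 64], "dos"),     ([0.90, 1, 49000, 200], "dos"),
    ([0.91, 60, 44000, 64], "probe"),  ([0.94, 40, 20000, 128], "probe"),
]
TEST = [   # held out; never seen by the wrapper
    ([0.09, 2, 50500, 64], "normal"), ([0.96, 1, 35000, 128], "dos"),
    ([0.93, 70, 47500, 64], "probe"),
]


def centroids(rows, cols):
    """Per-class mean vector over the chosen feature columns."""
    sums, counts = {}, {}
    for x, label in rows:
        acc = sums.setdefault(label, [0.0] * len(cols))
        for i, c in enumerate(cols):
            acc[i] += x[c]
        counts[label] = counts.get(label, 0) + 1
    return {label: [v / counts[label] for v in acc] for label, acc in sums.items()}


def predict(model, x, cols):
    """Label of the nearest centroid (Euclidean distance over cols)."""
    best, best_d = None, None
    for label, centre in model.items():
        d = sqrt(sum((x[c] - centre[i]) ** 2 for i, c in enumerate(cols)))
        if best_d is None or d < best_d:
            best, best_d = label, d
    return best


def accuracy(train, rows, cols):
    """Fraction of rows the classifier, trained on cols only, labels correctly."""
    model = centroids(train, cols)
    hits = sum(predict(model, x, cols) == label for x, label in rows)
    return hits / len(rows)


def wrapper_select(train, valid, n_features):
    """Greedy forward selection: add the feature that most improves the
    wrapped classifier's validation accuracy; stop when none does."""
    selected, best = [], 0.0
    while len(selected) < n_features:
        cand_acc, cand_cols = best, None
        for c in range(n_features):
            if c in selected:
                continue
            acc = accuracy(train, valid, selected + [c])
            if acc > cand_acc:
                cand_acc, cand_cols = acc, selected + [c]
        if cand_cols is None:
            break
        selected, best = cand_cols, cand_acc
    return selected, best


if __name__ == "__main__":
    every = list(range(len(FEATURES)))
    chosen, val_acc = wrapper_select(TRAIN, VALID, len(FEATURES))
    print("selected:", [FEATURES[c] for c in chosen], "validation acc:", val_acc)
    print("test acc with selected features:", accuracy(TRAIN, TEST, chosen))
    print("test acc with all features:     ", accuracy(TRAIN, TEST, every))
```

On these records the wrapper keeps syn_ratio and distinct_dst_ports and stops, because src_port and ttl lower the score as soon as they are added: unscaled, their large raw ranges dominate the distance and pull samples towards the wrong centroid. Fewer features also means fewer values to extract per flow, which is the detection-time gain the abstract refers to. The wrapper's own accuracy figure is optimistic, since the subset was chosen on the same validation rows, so the held-out TEST rows are what to report.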

