Intrusion Detection System with Correlation Engine and Vulnerability Assessment

Abstract

The proposed Intrusion Detection System (IDS), which is implemented with modern technologies to address certain prevailing problems in existing intrusion detection systems, is capable of giving an advanced output to the security analyst. Even though the network of an organization has been secured internally as well as externally, intruders find ways to penetrate it. With the proposed system, the activities of those intruders can be identified with a higher probability even if they have managed to bypass the security controls of the network. The goal of this project is to give a reliable output to the system users, in which all alerts are more accurate and are correlated using HIDS alerts and NIDS alerts, similar to the modern SIEM concept. The system will perform as a centralized IDS by getting inputs from both HIDS and NIDS, which give data regarding the activities of hosts and network traffic. With those implementations, the system is capable of monitoring host activities, monitoring network traffic with existing tools, and giving a correlated output which is more accurate, advanced and reliable, prioritizing the possible attacks by using machine learning techniques and rule-based correlation techniques. With all these capabilities, the final product is a fully automated Intrusion Detection System which gives correlated alerts as outputs with a lower rate of false positives compared to existing systems.

Authors and Affiliations

D. W. Y. O. Waidyarathna, W. V. A. C. Nayantha, W. M. T. C. Wijesinghe, Kavinga Yapa Abeywardena

  • EP ID EP394024
  • DOI 10.14569/IJACSA.2018.090947

How To Cite

D. W. Y. O. Waidyarathna, W. V. A. C. Nayantha, W. M. T. C. Wijesinghe, Kavinga Yapa Abeywardena (2018). Intrusion Detection System with Correlation Engine and Vulnerability Assessment. International Journal of Advanced Computer Science & Applications, 9(9), 365-370. https://europub.co.uk/articles/-A-394024