Automation of Dynamic Multi-Layer Signature based Intrusion Detection System with Pattern Similarity and Recognition

  • Authors

    • T. S. Urmila
    • Dr. R. Balasubramanian
    2018-11-30
    https://doi.org/10.14419/ijet.v7i4.25.27003
  • Keywords: Intrusion detection, Signature based IDS, Payload Data, Multi-layer framework, Pattern Similarity.
  • Abstract

    Every computer on the Internet is now a potential target for a new attack at any moment. A Network Intrusion Detection System (NIDS) is one of the fundamental components for monitoring and analyzing traffic to find possible attacks in the network. Application-level intrusion detection requires examining network packet payload data. Because every service behaves differently, a separate model is required for each service. This paper focuses on network packet payload data and aims to improve suspicion of, and recognize, signature based attack patterns using a pattern matching strategy that is far more accurate than approaches that consider only header information. It develops a multi-layered design called Dynamic Multi-layered Signature Pattern Similarity and Recognition (DMSP-SR). DMSP-SR is introduced for payload data intrusion: it verifies the packets, clusters the packets, measures pattern similarity, and recognizes the intrusion signature pattern in order to diminish these attacks. This multi-layered framework design would enhance the overall performance of a signature based intrusion detection system with the set of attack patterns. The performance analysis shows that the proposed framework can improve accuracy by increasing the detection rate, and effectiveness by reducing the false positive rate and increasing the true positive rate of identifying payload intrusion, compared to the existing systems.
     
  • How to Cite

    S.Urmila, T., & R.Balasubramanian, D. (2018). Automation of Dynamic Multi-Layer Signature based Intrusion Detection System with Pattern Similarity and Recognition. International Journal of Engineering & Technology, 7(4.25), 298-303. https://doi.org/10.14419/ijet.v7i4.25.27003

    Received date: 2019-02-02

    Accepted date: 2019-02-02

    Published date: 2018-11-30