Title :
Intrusion detection using Data Mining
Author :
Khatri, Sunil Kumar
Author_Institution :
AIIT, Amity Univ. Uttar Pradesh, Noida, India
Abstract :
Intrusions are activities that violate the security policy of a system. Intrusion detection is the process used to identify intrusions. An intrusion detection system (IDS) is a device or software application that monitors network or system activities for malicious activities or policy violations and produces reports to a management station. Based on the sources of the audit information used by each IDS, IDSs may be classified into:
· Host-based IDS: Gets audit data from host audit trails. Detects attacks against a single host.
· Distributed IDS: Gathers audit data from multiple hosts and possibly the network that connects the hosts. Detects attacks involving multiple hosts.
· Network-based IDS: Uses network traffic as the audit data source, relieving the burden on the hosts that usually provide normal computing services. Detects attacks from the network.
Keywords :
data mining; security of data; audit data source; audit information; data mining; distributed IDS; host audit trails; host-based IDS; intrusion detection system; malicious activities; management station; network traffic; network-based IDS; policy violations; security policy; software application; Abstracts;
Conference_Title :
IT in Business, Industry and Government (CSIBIG), 2014 Conference on
Print_ISBN :
978-1-4799-3063-0
DOI :
10.1109/CSIBIG.2014.7056926