Massive stream data processing to attain anomaly Intrusion Prevention

Most of the contemporary intrusion detection systems need the ability to process massive data streams to achieve anomaly prevention. It is a hard issue since the streaming data have some tough characteristics, such as unknown or unbound size, possibly a variable arrival rate, lack of ability to backtrack over previously arrived transactions, and a lack of system control over the order in which the data arrive. This paper will find a network model which is more suitable for high speed processing of massive data streams in real-time from various data sources by considering the frequency property of events. An Intrusion prevention system have been built with online mining of frequent item sets over a stream with Time-sensitive sliding window, which is one of the most important technique in stream data mining with broad applications. This approach will be used to set the rules for Backtracking to determine the intrusion characteristics then to implement the “ Deny All except allowed” policy rules for prevention. Combination of stream processing and backtracking is used to achieve this so-called Intrusion Prevention, so that in addition to detecting the existence of intrusion we do deny of intrusion as prevention.