Analyzing and contrasting data mining based network intrusion Essay

Analyzing and contrasting data mining based network intrusion detection system - Essay Example The objective of this research is to acquire a better insight about Data Mining-Based Network Intrusion Detection Systems. In this present era the computers are sophistically connected to each other in a form of network. In such networks there is every possibility of intrusion to important data. In order to maintain the integrity, network data has to be secured. Electronic commerce (e-commerce) has made Internet usage most important part in everyone’s life and has become a major source of sending and receiving information. However, providing protection to the computers connected in a network is still a main issue to be tackled. In general, every organization wants their data to be safe and secure from the attackers. Information systems are easily accessible and can be intruded by the hackers over the internet if the networks are insecure. In this thesis, there are some procedures mentions for detecting network intrusions using data mining. This thesis also covers the different types of intrusions and justify how they can be best detected using available data mining tools. Data mining can be proved as a very useful method towards identifying any intrusion that might have taken place. The amount of extraction or hacking of data and intrusions are growing day by day. As a result, new intelligent Intrusion Detection Systems (IDSs) are put in place to mitigate the intrusion and safeguard the data. Intrusion needs to be detected as we cannot stop intrusions but we can minimize them and stop hackers from threats. Declaration I certify that this thesis is carried out in partial fulfillment of the requirements for the degree of Masters in Computer Science, and has no contents copied from any external sources except for those whose references are made with in the text. ---------------------------------- ------------- Mohammed Altaf Ahmed khan Date Table of Contents List of Figures Figure 2.1: Transition from Data to Knowledge (Fayyad, Piatetsky and Smyth, 1996) 10 Figure 3.1 Snort High-Level Processing Stages (Wheeler, 2003)†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦20 Figure 3.2 Bayesian Model Diagram Panda & Patra (2007)†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦.25 Chapter 1 Introduction In this age of the Information Revolution, there are obvious advantages that can be reaped from the vast and ever growing Internet Community in the web: 24/7 connectivity; robust e-commerce that simplified business transactions and operations; erasure of geographical separation and distance; and access to a multitude of modern means of communications. Yet, as benefits derived from being part of the Internet community are many to mention, one resounding concern that pervades this virtual world is security. Most, if not all, entities participating and part of the Internet world are on their toes, keeping their eyes over their own virtual place in the Internet. It can be said that SECURITY is one big important word in the Internet today. As of this press time, there are many unscrupulous entities that crowd the Internet and are ready to attack anyone and any site that has vulnerability in its network security setup. Since many e-commerce companies and enterprises depend on the Internet for its survival, it is not a surprise that there is a creation and formulation of different way to protect one’s network. Over the past couple of decades, techniques to secure network through latest technology have gained an importance and have proven to be a necessity to any entity maintaining and securing a network. The need for security has spawned in the creation and design of firewalls, cryptography, authentication and most of all intrusion detection systems. Among these security tools, network intrusion detection system holds a potential as a tool against computer crime. An intrusion detection system can simply be called the process of monitoring and an alyzing the events (ie. the traffic of packets going in and out of the network stream) that occurs in a computer system to enable to detect signs of security problems. Yet, as a network security technology tool, intrusion detecti