Intrusion Detection Management System for eCommerce Security

Abstract: This paper introduces the idea of an intrusion detection management system to enhance the security of eCommerce systems. An intrusion management system applies different intrusion detection systems (IDS) not only to detect a threat but also to analyze it and propose countermeasures that keep the guarded system from being compromised. Numerous intrusion detection systems, using different techniques, are linked to an attack analyzer. The attack analyzer gathers the information from n different IDS within the system and derives a treatment plan. The system administrator, or a response planning module aiding the administrator, can also query the analyzer for information about the character of the attack, its possible goals and the impending threat level. For the treatment plan, depending on the analysis, a multitude of countermeasures is identified and ranked. Countermeasure identification is done using data mining techniques on a countermeasure repository; the final ranking is done through sorting algorithms. A feasibility study has shown that an analyzer can match a problem against a solution repository and find the optimal treatment suggestions, supplied with a ranking, in an acceptably short period of time.
