MICIE: A Model for Identifying and Collecting Intrusion Evidences

Today it is very important to maintain an intermediary level of security to ensure safe and trusted communication for daily usage. Secure data communication over the internet or any other network is hard to achieve because of the threat of intrusion and misuse. Unfortunately, none of the existing systems has proved to be flawless, although various approaches have been used to thwart network intrusion activities. This paper proposes an investigation model, the Model for Identifying and Collecting Intrusion Evidences (MICIE). In particular, the proposed model comprises three main features: SNORT as the IDS, MySQL as the database, and BASE for viewing results. These features were installed on a Raspberry Pi, which was used to aid the data collection process. The results demonstrated that the proposed model is promising for identifying and collecting evidence of network intrusions in real time.
