An improved two-tiered strategy to intrusion detection

Purpose – A work that combined strategies in designing an anomaly‐based intrusion detection system (IDS) was described in CSIDS. This new work seeks to improve on CSIDS.

Design/methodology/approach – The shortcomings of CSIDS were first identified and critically analysed. An improved approach for combining data mining and an expert system is then presented and implemented.

Findings – Evaluation of the new design produced better results in terms of detection efficiency and false alarm rate.

Research limitations/implications – It might be necessary to use data from diverse environments to test the design. However, it was effectively shown that an IDS that combines strategies has been designed.

Practical implications – This work discusses the technical issues of IDS and will motivate researchers in IDS. It has also shown how strategies could be combined for effective intrusion detection.

Originality/value – This paper resulted from the existing problems in IDS and presents practical information...
