Intrusion threat detection from insider attack using learning behavior-based
In recent years, intrusion prevention system (IPS) had been developed as a new approach system to defend networking systems, which properly combines the firewall technique with the intrusion detection. When an attack is identified, intrusion prevention immediately blocks and logs the offending data....
Saved in:
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Published: |
Academic Journals
2012
|
| Subjects: | |
| Online Access: | http://eprints.utm.my/id/eprint/30572/ https://academicjournals.org/journal/IJPS/article-abstract/2EAEF2116344 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Universiti Teknologi Malaysia |
| id |
my.utm.30572 |
|---|---|
| record_format |
eprints |
| spelling |
my.utm.305722019-07-23T09:01:39Z http://eprints.utm.my/id/eprint/30572/ Intrusion threat detection from insider attack using learning behavior-based Stiawan, Deris Idris, Mohd. Yazid Salam, Md. Sah Abdullah, Abdul Hanan QA75 Electronic computers. Computer science In recent years, intrusion prevention system (IPS) had been developed as a new approach system to defend networking systems, which properly combines the firewall technique with the intrusion detection. When an attack is identified, intrusion prevention immediately blocks and logs the offending data. The primary IPS uses signature to identify activities in network traffic and the host will perform detection on inbound – outbound packets and would block that activity before the damage happens or the access is reached to the network resources. Signature is the primary factor in intrusion prevention, to identify something and then stopping it must be through the distinct characteristics. In this paper, we propose Behavior - based prevention to trigger mechanism and analyze correlation outbound traffic from inside user. We describe the habitual activity from outbound traffic, which is normal activity, suspicious threat or malicious threat uses traffic assessment. This paper also describes an algorithm for the complexity of the suspicious response. Academic Journals 2012-01-23 Article PeerReviewed Stiawan, Deris and Idris, Mohd. Yazid and Salam, Md. Sah and Abdullah, Abdul Hanan (2012) Intrusion threat detection from insider attack using learning behavior-based. International Journal of the Physical Sciences, 7 (4). pp. 624-637. ISSN 1992-1950 https://academicjournals.org/journal/IJPS/article-abstract/2EAEF2116344 DOI: 10.5897/IJPS11.1381 |
| institution |
Universiti Teknologi Malaysia |
| building |
UTM Library |
| collection |
Institutional Repository |
| continent |
Asia |
| country |
Malaysia |
| content_provider |
Universiti Teknologi Malaysia |
| content_source |
UTM Institutional Repository |
| url_provider |
http://eprints.utm.my/ |
| topic |
QA75 Electronic computers. Computer science |
| spellingShingle |
QA75 Electronic computers. Computer science Stiawan, Deris Idris, Mohd. Yazid Salam, Md. Sah Abdullah, Abdul Hanan Intrusion threat detection from insider attack using learning behavior-based |
| description |
In recent years, intrusion prevention system (IPS) had been developed as a new approach system to defend networking systems, which properly combines the firewall technique with the intrusion detection. When an attack is identified, intrusion prevention immediately blocks and logs the offending data. The primary IPS uses signature to identify activities in network traffic and the host will perform detection on inbound – outbound packets and would block that activity before the damage happens or the access is reached to the network resources. Signature is the primary factor in intrusion prevention, to identify something and then stopping it must be through the distinct characteristics. In this paper, we propose Behavior - based prevention to trigger mechanism and analyze correlation outbound traffic from inside user. We describe the habitual activity from outbound traffic, which is normal activity, suspicious threat or malicious threat uses traffic assessment. This paper also describes an algorithm for the complexity of the suspicious response. |
| format |
Article |
| author |
Stiawan, Deris Idris, Mohd. Yazid Salam, Md. Sah Abdullah, Abdul Hanan |
| author_facet |
Stiawan, Deris Idris, Mohd. Yazid Salam, Md. Sah Abdullah, Abdul Hanan |
| author_sort |
Stiawan, Deris |
| title |
Intrusion threat detection from insider attack using learning behavior-based |
| title_short |
Intrusion threat detection from insider attack using learning behavior-based |
| title_full |
Intrusion threat detection from insider attack using learning behavior-based |
| title_fullStr |
Intrusion threat detection from insider attack using learning behavior-based |
| title_full_unstemmed |
Intrusion threat detection from insider attack using learning behavior-based |
| title_sort |
intrusion threat detection from insider attack using learning behavior-based |
| publisher |
Academic Journals |
| publishDate |
2012 |
| url |
http://eprints.utm.my/id/eprint/30572/ https://academicjournals.org/journal/IJPS/article-abstract/2EAEF2116344 |
| _version_ |
1643648581655068672 |