
A Hybrid Approach to Intrusion Detection and Prevention for Business Intelligence Applications

2 Author(s)
Chan Gaik Yee ; Fac. of Inf. Technol., Multimedia Univ. ; Krishna Rao, G.S.V.R.

In this paper, an application-based intrusion detection and prevention (ID/IP) system coupled with data mining and mobile agent technologies is introduced. Under this approach, the ID/IP system consists of a core engine with a data sensor, detector, configuration device, and alert and response device as its main components. The data sensors, posing as designated agents, are to gather information from their respective sources in real time. The information gathered by each agent is fed into the detector, where correlation methods and data mining techniques are employed to analyze and identify any intrusive activity or event. Since information is gathered from various sources by the respective agents, different types of profiles representing normal behavior, such as network traffic, users, systems, applications, transactions, alarms and alerts, can be built, and deviations from these profiles are considered to be intrusions. A rating model is then used to evaluate the intrusive activities. When an intrusion or attack is detected by the detector and evaluated to have a rating below the threshold value, the configuration device changes the status of the ID/IP system to alert mode and signals the alert and response device to take the necessary actions. Subsequently, mobile response agents are used to carry out response mechanisms at the target and the source

Published in:

Communications and Information Technologies, 2006. ISCIT '06. International Symposium on

Date of Conference:

Oct. 18 2006-Sept. 20 2006
