International Research Journal of Engineering and Technology (IRJET)
e-ISSN: 2395-0056
Volume: 07 Issue: 07 | July 2020
p-ISSN: 2395-0072
www.irjet.net
NETWORK SECURITY AND INTRUSION DETECTION SYSTEM USING DATA MINING TECHNIQUES
UMASANKAR. K1, RAJESWARI. P2
1Assistant Professor, Department of Computer Science.
2Master of Philosophy, Department of Computer Science.
1,2PRIST University Kumbakonam Campus, Thanjavur, Tamil Nadu, India
Abstract - With the significant increase in the use of computers over the network and the development of applications on different platforms, the focus is on network security. The identification of multiple attacks is an important element of network security. The role of the IDS is to track and prevent unauthorized use of, or damage to, network resources and systems. This paper develops a data mining-based model of an intrusion detection system covering both Network Intrusion Detection, which monitors all network traffic passing on a segment where a detector is installed and alerts the administrator to any signature-based activity or suspicious anomaly, and Host Intrusion Detection, which monitors inbound and outbound packets of a network device and alerts the user or network administrator when suspicious behaviour is detected. The designed model addresses the negative effects of its weaknesses so as to enhance operational effectiveness. The importance of intrusion detection systems and the old techniques, types, characteristics and limitations are given special attention in this research.
Keywords: Network Security, Intrusion Detection System, Anomaly Detection, Misuse Detection, Data mining, Clustering, Classifications.
I. INTRODUCTION
With the speedy escalation of the Internet, people's lifestyles have improved, but at the cost of threats created by individuals or organizations. These threats are used to break the security of a network. Security means the degree of protection given to the network or system. The main goals of security are confidentiality, integrity and availability of data [1]. Attacks on a network can be referred to as intrusions. An intrusion is any set of malicious activities that attempt to compromise the security goals of the information. In the early days, only conventional approaches such as encryption, firewalls and virtual private networks were used, but they were not enough to secure a network completely. It is difficult to depend completely on static defense techniques. This increases the need for a dynamic technique that can monitor the system and identify illegal activities. Thus, to enhance network security, a dynamic approach known as the Intrusion Detection System was introduced. An intrusion detection system collects online information from the network, then monitors and analyzes this information, partitions it into normal and malicious activities, and provides the result to the system administrator [2]. IDS is an area where data mining is used extensively; this is due to limited scalability, adaptability and validity.
In IDS, data is collected from various sources such as network log data, host data etc. Since the network traffic is large, the analysis of data is too hard. This gives rise to the need to use IDS along with different data mining techniques for intrusion detection. Lee and Salvatore J. Stolfo of Columbia University were the first to apply data mining techniques in IDS [3]. Data mining techniques such as classification and clustering easily extract information from large datasets.
The remaining part of the paper is structured as follows. Section I is the introduction; Section II reviews the related work on IDS using data mining techniques; Section III explains IDS. In Section IV, data mining and its techniques which are used in IDS are described, and finally Section V brings us to the conclusion.
TYPES OF ATTACKS
A. DoS attack
A denial-of-service attack or distributed denial-of-service attack is an effort to make a computer resource unavailable to its intended users [32]. This type of attack slows down or shuts down the system, so it disrupts the service and denies it to legitimate authorized users. Due to this attack, high network traffic occurs.
B. User to Root Attack (U2R)
In this type of attack, the attacker starts at the user level, with activities such as taking down the password or a dictionary attack, and finally achieves root access to the system.
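As an added illustration that is not from the paper, the following Python labels fixed-width time windows of connection records as normal or anomalous from their connection counts, which is the traffic surge the DoS description above refers to. The records, addresses, window width and threshold are constructed assumptions, and the modified z-score (median and MAD) is a stand-in chosen here, not a technique the paper specifies.

```python
from collections import Counter
from statistics import median


def build_sample():
    """Constructed records: (timestamp_s, source_ip, service). Not real traffic."""
    records = []
    # Baseline: 3-5 connections per 10 s window from a few known clients.
    for w, n in enumerate([4, 3, 5, 4, 3, 4, 5, 4]):
        for i in range(n):
            records.append((w * 10 + i, f"192.0.2.{10 + i}", "web"))
    # Window 8 (80-89 s): constructed surge from many distinct sources.
    for i in range(120):
        records.append((80 + i % 10, f"198.51.100.{i}", "web"))
    # Window 9: traffic returns to the baseline level.
    for i in range(4):
        records.append((90 + i, f"192.0.2.{10 + i}", "web"))
    return records


def window_counts(records, width=10):
    """Number of connections in each consecutive window of `width` seconds."""
    counts = Counter(ts // width for ts, _src, _svc in records)
    return [counts.get(w, 0) for w in range(max(counts) + 1)]


def label_windows(counts, threshold=3.5):
    """Partition windows into 'normal' and 'anomalous'.

    Uses the modified z-score 0.6745 * (x - median) / MAD, which a single
    extreme window cannot distort the way it distorts mean and standard
    deviation. Only surges (positive scores) are flagged.
    """
    med = median(counts)
    mad = median(abs(c - med) for c in counts) or 1.0  # avoid division by zero
    labels = []
    for c in counts:
        score = 0.6745 * (c - med) / mad
        labels.append("anomalous" if score > threshold else "normal")
    return labels


def anomalous_windows(records, width=10, threshold=3.5):
    """Indexes of the windows an administrator would be alerted about."""
    labels = label_windows(window_counts(records, width), threshold)
    return [i for i, label in enumerate(labels) if label == "anomalous"]


if __name__ == "__main__":
    print(anomalous_windows(build_sample()))
```
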
© 2020, IRJET | Impact Factor value: 7.529 | ISO 9001:2008 Certified Journal | Page 5639