Research Article

Post-Attack Intrusion Detection using Log Files Analysis

by Apurva S. Patil, Deepak R. Patil
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 127 - Number 18
Year of Publication: 2015
Authors: Apurva S. Patil, Deepak R. Patil
10.5120/ijca2015906731

Apurva S. Patil, Deepak R. Patil. Post-Attack Intrusion Detection using Log Files Analysis. International Journal of Computer Applications. 127, 18 (October 2015), 19-21. DOI=10.5120/ijca2015906731

@article{ 10.5120/ijca2015906731,
author = { Apurva S. Patil, Deepak R. Patil },
title = { Post-Attack Intrusion Detection using Log Files Analysis },
journal = { International Journal of Computer Applications },
issue_date = { October 2015 },
volume = { 127 },
number = { 18 },
month = { October },
year = { 2015 },
issn = { 0975-8887 },
pages = { 19-21 },
numpages = {3},
url = { https://ijcaonline.org/archives/volume127/number18/22830-2015906731/ },
doi = { 10.5120/ijca2015906731 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T23:18:22.835500+05:30
%A Apurva S. Patil
%A Deepak R. Patil
%T Post-Attack Intrusion Detection using Log Files Analysis
%J International Journal of Computer Applications
%@ 0975-8887
%V 127
%N 18
%P 19-21
%D 2015
%I Foundation of Computer Science (FCS), NY, USA
Abstract

Information security is a principal concern for any organization, and designing a precise intrusion detection system (IDS) that reliably detects intrusions remains a challenging task. Intrusion detection systems are broadly classified as host-based (HIDS) and network-based (NIDS). This paper presents a comparative study of different approaches for detecting intrusions on a single host by analysing its log files after the attack. Note that such attack detection systems aim only to detect the activity of an intruder; they do not provide any preventive measures.
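As an added illustration of post-attack (post-mortem) host intrusion detection on log files, not code or a method from the paper itself: the block below implements the sequence-of-system-calls anomaly model of Forrest et al. and Hofmeyr et al. (references 9 and 10), one of the host-based approaches the comparative study covers. A profile of normal behaviour is built from fixed-length windows (k = 3) of system-call names seen in clean traces; a trace recovered after an incident is then scored by the fraction of windows absent from the profile and by the locality frame count (the most mismatches within any 20 consecutive windows). The log format (`pid syscall` per line, as a minimal strace-like log), the traces, the window length and the alerting threshold are all constructed assumptions for the example.

```python
"""Post-mortem host intrusion detection over a system-call log using the
sequence-of-system-calls (stide-style) model of Forrest/Hofmeyr et al.
Added example; not the paper's own method or code. All traces below are
constructed, and the 'pid syscall' line format is an assumption."""
from collections import deque
from typing import Dict, Iterable, List, Set, Tuple

# Constructed "normal" traces of the same program, two process runs.
NORMAL_LOG = """\
1001 execve
1001 brk
1001 mmap
1001 openat
1001 read
1001 close
1001 mmap
1001 mprotect
1001 openat
1001 read
1001 close
1001 write
1001 exit_group
1002 execve
1002 brk
1002 mmap
1002 openat
1002 read
1002 close
1002 mprotect
1002 write
1002 exit_group
"""

# Constructed post-attack trace: the run diverges into a socket/connect/dup2/
# execve sequence (typical of a spawned reverse shell) never seen in training.
ATTACK_LOG = """\
2001 execve
2001 brk
2001 mmap
2001 openat
2001 read
2001 close
2001 socket
2001 connect
2001 dup2
2001 dup2
2001 execve
2001 chmod
2001 write
2001 exit_group
"""

Window = Tuple[str, ...]


def parse_log(text: str) -> Dict[str, List[str]]:
    """Group 'pid syscall' lines into one ordered call sequence per process.
    Lines that do not have exactly two fields are skipped as malformed."""
    traces: Dict[str, List[str]] = {}
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 2:
            continue
        pid, call = parts
        traces.setdefault(pid, []).append(call)
    return traces


def windows(seq: List[str], k: int) -> List[Window]:
    """All length-k sliding windows of a call sequence (empty if len(seq) < k)."""
    return [tuple(seq[i:i + k]) for i in range(len(seq) - k + 1)]


def build_profile(traces: Iterable[List[str]], k: int = 3) -> Set[Window]:
    """The normal-behaviour profile: the set of every k-window seen in training."""
    profile: Set[Window] = set()
    for seq in traces:
        profile.update(windows(seq, k))
    return profile


def score_trace(seq: List[str], profile: Set[Window], k: int = 3,
                frame: int = 20) -> Tuple[float, int]:
    """Return (mismatch_rate, max_lfc): the fraction of windows not in the
    profile, and the locality frame count, i.e. the largest number of
    mismatches inside any `frame` consecutive windows (Hofmeyr et al. 1998).
    Bursts of mismatches are what distinguish an attack from isolated noise."""
    wins = windows(seq, k)
    if not wins:
        return 0.0, 0
    misses = [w not in profile for w in wins]
    recent: deque = deque(maxlen=frame)
    max_lfc = 0
    for m in misses:
        recent.append(m)
        max_lfc = max(max_lfc, sum(recent))
    return sum(misses) / len(wins), max_lfc


def detect(log_text: str, profile: Set[Window], k: int = 3,
           lfc_threshold: int = 4) -> Dict[str, Tuple[float, int, bool]]:
    """Score every process in a recovered log; flag those whose locality frame
    count reaches the (assumed) threshold. Returns {pid: (rate, lfc, flagged)}."""
    result = {}
    for pid, seq in parse_log(log_text).items():
        rate, lfc = score_trace(seq, profile, k)
        result[pid] = (rate, lfc, lfc >= lfc_threshold)
    return result


# Profile built once from the clean traces; reused for every post-mortem run.
PROFILE = build_profile(parse_log(NORMAL_LOG).values())

if __name__ == "__main__":
    for pid, (rate, lfc, flagged) in detect(ATTACK_LOG, PROFILE).items():
        print(f"pid {pid}: mismatch rate {rate:.2f}, max LFC {lfc}, "
              f"{'ANOMALOUS' if flagged else 'normal'}")
```

Against this profile the clean traces score zero mismatches, while the post-attack trace produces a contiguous run of eight unseen windows (rate 0.67, LFC 8) and is flagged. Two caveats a practitioner should keep in mind: the threshold and window length must be tuned per program on genuinely clean training data, since an incomplete profile yields false positives, and an attacker who interleaves innocuous calls to keep every window inside the profile (a mimicry attack, reference 14) evades this model entirely. As the abstract notes, the analysis is detection only; it neither blocks the intrusion nor repairs the host.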

References
  1. K. A. García, R. Monroy, L. A. Trejo, C. Mex-Perera, and E. Aguirre, "Analyzing log files for postmortem intrusion detection," IEEE Trans. Syst., Man, Cybern., vol. 42, no. 6, Nov. 2012.
  2. C. Warrender, S. Forrest, and B. A. Pearlmutter, "Detecting intrusions using system calls: Alternative data models," in Proc. IEEE Symp. Security Privacy, 1999, pp. 133–145.
  3. C. G. Nevill-Manning and I. H. Witten, "Identifying hierarchical structure in sequences: A linear-time algorithm," J. Artif. Intell. Res., vol. 7, pp. 67–82, 1997.
  4. J. P. Anderson, "Computer security threat monitoring and surveillance," James P. Anderson Company, Fort Washington, PA, Tech. Rep. 79F296400, Apr. 1980.
  5. D. E. Denning, "An intrusion-detection model," IEEE Trans. Softw. Eng., vol. 13, no. 2, pp. 222–232, Feb. 1987.
  6. C. Ko, M. Ruschitzka, and K. N. Levitt, "Execution monitoring of security-critical programs in distributed systems: A specification-based approach," in Proc. IEEE Symp. Security Privacy, May 1997, pp. 175–187.
  7. M. Bernaschi, E. Gabrielli, and L. V. Mancini, "REMUS: A security-enhanced operating system," ACM Trans. Inf. Syst. Security, vol. 5, no. 1, pp. 36–61, 2002.
  8. I. Goldberg, D. Wagner, R. Thomas, and E. A. Brewer, "A secure environment for untrusted helper applications: Confining the wily hacker," in Proc. 6th USENIX Security Symp., 1996, vol. 6, pp. 1–13.
  9. S. Forrest, S. A. Hofmeyr, A. Somayaji, and T. A. Longstaff, "A sense of self for Unix processes," in Proc. IEEE Symp. Security Privacy, May 1996, pp. 120–128.
  10. S. A. Hofmeyr, S. Forrest, and A. Somayaji, "Intrusion detection using sequences of system calls," J. Comput. Security, vol. 6, no. 3, pp. 151–180, 1998.
  11. W. Lee, C. Park, and S. Stolfo, "Automated intrusion detection using NFR: Methods and experiences," in Proc. USENIX Workshop Intrusion Detection Network Monitoring, Santa Clara, CA, Apr. 1999. [Online]. Available: http://www.usenix.org
  12. Y. Qiao, X. Xin, Y. Bin, and S. Ge, "Anomaly intrusion detection method based on HMM," Electron. Lett., vol. 38, no. 13, pp. 663–664, Jun. 2002.
  13. J. Hu, X. Yu, D. Qiu, and H.-H. Chen, "A simple and efficient hidden Markov model scheme for host-based anomaly intrusion detection," IEEE Netw., vol. 23, no. 1, pp. 42–47, Jan./Feb. 2009.
  14. F. Godínez, D. Hutter, and R. Monroy, "On the use of word networks to mimicry attack detection," in Proc. Int. Conf. Emerging Trends Inf. Commun. Security, 2006, vol. 3995, pp. 423–435.
  15. N. Wang, J. Han, and J. Fang, "Anomaly sequences detection from logs based on compression," Comput. Res. Repository, vol. abs/1109.1729, pp. 1–7, 2011. [Online]. Available: http://arxiv.org/abs/1109.1729
  16. C. Krügel, D. Mutz, F. Valeur, and G. Vigna, "On the detection of anomalous system call arguments," in Proc. 8th Eur. Symp. Res. Comput. Security, 2003, vol. 2808, pp. 326–343.
  17. F. Maggi, M. Matteucci, and S. Zanero, "Detecting intrusions through system call sequence and argument analysis," IEEE Trans. Dependable Secure Comput., vol. 7, no. 4, pp. 381–395, Oct./Dec. 2010.
Index Terms

Computer Science
Information Sciences

Keywords

Intrusion; Intrusion detection system; Host-based intrusion detection; Network-based intrusion detection.