Universiti Teknologi Malaysia Institutional Repository

Intrusion threat detection from insider attack using learning behavior-based

Stiawan, Deris and Idris, Mohd. Yazid and Salam, Md. Sah and Abdullah, Abdul Hanan (2012) Intrusion threat detection from insider attack using learning behavior-based. International Journal of the Physical Sciences, 7 (4). pp. 624-637. ISSN 1992-1950

Full text not available from this repository.

Official URL: https://academicjournals.org/journal/IJPS/article-...

Abstract

In recent years, intrusion prevention system (IPS) had been developed as a new approach system to defend networking systems, which properly combines the firewall technique with the intrusion detection. When an attack is identified, intrusion prevention immediately blocks and logs the offending data. The primary IPS uses signature to identify activities in network traffic and the host will perform detection on inbound – outbound packets and would block that activity before the damage happens or the access is reached to the network resources. Signature is the primary factor in intrusion prevention, to identify something and then stopping it must be through the distinct characteristics. In this paper, we propose Behavior - based prevention to trigger mechanism and analyze correlation outbound traffic from inside user. We describe the habitual activity from outbound traffic, which is normal activity, suspicious threat or malicious threat uses traffic assessment. This paper also describes an algorithm for the complexity of the suspicious response.

Item Type:Article
Uncontrolled Keywords:behavior-based detection, hybrid intrusion prevention, identify habitual
Subjects:Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Divisions:Computer Science and Information System
ID Code:30572
Deposited By: Yanti Mohd Shah
Deposited On:28 Sep 2017 06:52
Last Modified:23 Jul 2019 09:01

Repository Staff Only: item control page