The International Arab Journal of Information Technology (IAJIT)


An Efficient Intrusion Detection System by Using Behaviour Profiling and Statistical Approach

Unauthorized access to a personal computer, or to a single system on a network, in order to track system access or steal information is called an attack or hacking. An Intrusion Detection System (IDS) is an effective security technology that detects, prevents and possibly reacts to malicious computer-related activity; it is the mechanism used to protect computer systems and networks from abuse. The aim of the study is to examine the possibilities of intrusion detection and to find a highly efficient and effective prevention technique. The model identifies the Behaviour Profiling Algorithm as the efficient algorithm for intrusion detection and performs dynamic analysis with a Statistical Approach model over log files, which provide vital information about systems and the activities on them. The implemented model of the proposed algorithm produced above 90%, 96% and 98% in the wired, wireless and cloud networks respectively. The study concludes that the efficient algorithm for detecting intrusion is the behaviour profiling algorithm and that, when joined with the statistical approach model, it produces efficient results. Further research may identify which programming technique should be used to store the activity log in the database, and then which algorithm is best suited to implementing an intrusion detection and prevention system using big data, whether the network is wired, wireless or cloud.

The International Arab Journal of Information Technology, Vol. 18, No. 1, January 2021

Rajagopal Devarajan completed his Bachelor of Computer Science degree and his Master of Computer Applications degree at Periyar University in 2003 and 2006 respectively. He completed his Master of Philosophy at PRIST University in 2012. He has 3 years and 7 months of experience in the field of software development and 9 years and 2 months of experience in teaching. He has published 19 articles in different international journals and 2 books. He has presented 2 papers in international conference and 2 papers in national conference. He has participated in an international seminar and a national seminar. His article was published as a chapter in “Cognitive Science and Technology” by Ella Hunter. One of his articles has been placed in the newly opened science library at Konkuk University, South Korea. He is currently working as an Assistant Professor in the PG and Research Department of Computer Science and Computer Applications, Vivekanandha College of Arts and Sciences for Women (Autonomous), Tiruchengode, Namakkal DT, India. He is pursuing his Ph.D degree at Periyar University. His areas of interest are Computer Networks, Data Structures and Algorithms, and Programming Languages. He is a lifetime member of ISTE and IAENG.

Padmanabhan Rao completed his Master of Computer Applications degree in 1998 and obtained his Ph.D in 2015. He joined the faculty of the department of computer science in 1999. His areas of interest are Sensor Networks and Distributed Network. He is a member of IAENG and IACSIT.