A New Host-Based Hybrid IDS Architecture - A Mind Of Its Own

In a world where our every day life depends on what
is going on in the gap between stimulus and
reaction, Intruders could make the decision for you.
Unless they are detected on time!
Network security has been an issue since computers
have been networked together. Lots of
vulnerabilities, risks and threats came to the
scene. An important security product that has
emerged is Intrusion Detection Systems (IDS).
The author proposes a new Host-Based Hybrid
Intrusion Detection System.
The Intrusion Detection Analyzer Module consists of
two analyzers that work in a hybrid architecture:
Anomaly Detection Analyzer and Misuse Detection
Analyzer.
This way, the Anomaly Detection Analyzer is trained
with attack-free session data and normal behaviour
is learnt so it raises an alarm when it detects a
deviation from this normal behaviour. Self
Organizing Map, an unsupervised machine learning
algorithm, is used.
The Misuse Detection Analyzer uses a C4.5 Decision
Tree.
Finally, Decision Making Module decides whether the
session is normal or an attack. The proposed hybrid
architecture works very accurately.
It is an essential book. Any professional can
benefit from such a lecture.

Autorentext

Murat Topallar was born in Turkey in 1978. He gained MSc. degree in Electrical and Electronics Engineering at Bogazici Univ., Turkey in 2004. He published a number of papers on network security, IDS and machine learning. Passionate of research, Topallar developed a new Host-Based Hybrid IDS Architecture. Today he is in telecom business.

Klappentext

In a world where our every day life depends on what is going on in the gap between stimulus and reaction, Intruders could make the decision for you. Unless they are detected on time!Network security has been an issue since computers have been networked together. Lots of vulnerabilities, risks and threats came to the scene. An important security product that has emerged is Intrusion Detection Systems (IDS).The author proposes a new Host-Based Hybrid Intrusion Detection System.The Intrusion Detection Analyzer Module consists of two analyzers that work in a hybrid architecture: Anomaly Detection Analyzer and Misuse Detection Analyzer.This way, the Anomaly Detection Analyzer is trained with attack-free session data and normal behaviour is learnt so it raises an alarm when it detects a deviation from this normal behaviour. Self Organizing Map, an unsupervised machine learning algorithm, is used.The Misuse Detection Analyzer uses a C4.5 Decision Tree.Finally, Decision Making Module decides whether the session is normal or an attack. The proposed hybrid architecture works very accurately.It is an essential book. Any professional can benefit from such a lecture.