28-07-2012, 10:05 AM
Layered Approach Using Conditional Random Fields for Intrusion Detection
Introduction
An IDS must reliably detect malicious activities in a network.
It must perform efficiently under a large volume of network traffic.
Two issues: accuracy and efficiency.
Using Conditional Random Fields and Layered Approach.
High attack detection accuracy can be achieved by CRF.
High efficiency by implementing the Layered Approach.
We show that our system is robust and is able to handle noisy data.
Existing System
Single intrusion detection system.
Many systems have been built to detect intrusions.
Various techniques have been applied to detect intrusions: association rules, clustering, naive Bayes classifier, support vector machines, genetic algorithms.
Proposed System
Use of autonomous and probabilistic agents for intrusion detection.
To overcome the weakness of a single intrusion detection system, a number of frameworks have been proposed.
Benchmark KDD’99 intrusion data set.
Shows that our proposed system based on Layered Conditional Random fields.
Hardware Requirements
SYSTEM : Pentium IV 2.4 GHz
HARD DISK : 40 GB
FLOPPY DRIVE : 1.44 MB
RAM : 512 MB
Software Requirements
Operating system : Windows XP Professional
Front End : JAVA, RMI, JDBC, Swing
Tool : Eclipse 3.3
MODULES
Layered approach module.
Conditional random fields module.
Integration module.
Layered approach module:
Probe layer
DoS layer
R2L layer
U2R layer
Conditional random fields module:
CRFs do not make any unwarranted assumptions about the data.
Consider features such as “logged in” and number of file creations.
Integration module:
This is the module where the system is integrated.
Two systems are developed: a system using the layered approach and a system using CRFs.
Conclusion
Finally, we show that our system is robust and easily handles noisy data.