Analyze the Delay Time by Data Mining for Network Intrusion Prevention System Using Bro
The importance of using networks increases day by day, and the security of these networks is even more important. To implement a secure network, network administrators use several types of security systems and software tools; the systems most in focus in this area are the fi...
Main Author: | Azrane, Kaled Hussain |
---|---|
Format: | Thesis |
Language: | eng eng |
Published: | 2009 |
Subjects: | TK5101-6720 Telecommunication |
Online Access: | https://etd.uum.edu.my/1770/1/Kaled_Hussain_Azrane.pdf https://etd.uum.edu.my/1770/2/1.Kaled_Hussain_Azrane.pdf |
id | my-uum-etd.1770 |
---|---|
record_format | uketd_dc |
institution | Universiti Utara Malaysia |
collection | UUM ETD |
language | eng eng |
topic | TK5101-6720 Telecommunication |
description | The importance of using networks increases day by day, and the security of these networks is even more important. To implement a secure network, network administrators use several types of security systems and software tools; the systems most in focus in this area are firewalls and intrusion detection and prevention systems. Many features are developed every year for these systems, and many studies have been done to evaluate and develop them. This thesis focuses on evaluating the performance of one famous free, open-source intrusion detection and prevention system, Bro IDS. The thesis will test the performance of Bro in different situations to determine which conditions make Bro work with the minimum delay time for packets. The thesis will use the data mining tool SPSS to analyse the effects of the main policies on the delay time for packets when Bro works as an intrusion prevention system. |
format | Thesis |
qualification_name | masters |
qualification_level | Master's degree |
author | Azrane, Kaled Hussain |
title | Analyze the Delay Time by Data Mining for Network Intrusion Prevention System Using Bro |
granting_institution | Universiti Utara Malaysia |
granting_department | College of Arts and Sciences (CAS) |
publishDate | 2009 |
url | https://etd.uum.edu.my/1770/1/Kaled_Hussain_Azrane.pdf https://etd.uum.edu.my/1770/2/1.Kaled_Hussain_Azrane.pdf |
_version_ | 1747827202140930048 |
spelling | my-uum-etd.1770 2022-04-21T03:49:58Z 2009-04 Thesis https://etd.uum.edu.my/1770/ text eng public masters Universiti Utara Malaysia |