Abstract
Problem statement: To distinguish the activities of the network traffic that the intrusion and normal is very difficult and to need much time consuming. An analyst must review all the data that large and wide to find the sequence of intrusion on the network connection. Therefore, it needs a way that can detect network intrusion to reflect the current network traffics. Approach: In this study, a novel method to find intrusion characteristic for IDS using decision tree machine learning of data mining technique was proposed. Method used to generate of rules is classification by ID3 algorithm of decision tree. Results: These rules can determine of intrusion characteristics then to implement in the firewall policy rules as prevention. Conclusion: Combination of IDS and firewall so-called the IPS, so that besides detecting the existence of intrusion also can execute by doing deny of intrusion as prevention.
Highlights
With the global Internet connection, network security has gained significant attention in research and industrial communities
Intrusion detection are considered as a complementary solution to firewall technology by recognizing attacks against the network that are missed by the firewall[10]
Characteristics to reflect the current of network traffics can observe from network traffic logs[4] as human pattern recognize[9]. This Study focus on some methods to prevention from attempt intrusion to find intrusion characteristics in the network traffic as Intrusion Detection System (IDS) implementation to firewall policy rules as prevention
Summary
With the global Internet connection, network security has gained significant attention in research and industrial communities. Due to the increasing threat of network attacks, firewalls have become important elements of the security policy is generally[7]. Firewall can be allow or deny access network packet, but firewall cannot detect intrusion or attack, so to need intrusion detection and implemented to firewall is access control systems as prevention. Intrusion detection are considered as a complementary solution to firewall technology by recognizing attacks against the network that are missed by the firewall[10]. Firewall and IDS represent an old stuff terminology in the field of IT security. IDS can detect existence intrusion or attack. The joining ability of IDS and firewalls, that is socalled IPS. That is a functioning tool to detect intrusion and denying by firewall for prevention
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
More From: American Journal of Engineering and Applied Sciences
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.