Authors:
Jemili Farah, Korbaa Ouajdi
Abstract
Computer security consists of protecting access to, and manipulation of, system data through several mechanisms. However, conventional protection technologies are ineffective against current attacks. Thus, new tools have appeared, such as intrusion detection and prediction systems, which are important defense elements for network security since they detect ongoing intrusions and predict upcoming attacks. Moreover, most conventional protection technologies remain insufficient in terms of action, since they are all passive systems unable to provide recommendations to block or stop attacks. In this paper, a distributed detection and prediction system composed of three major parts is proposed. The first part deals with the detection of intrusions based on the decision tree learning algorithm. The second part deals with intrusion prediction using the chronicle algorithm. The third part proposes an expert system for security recommendations in response to detected intrusions, able to provide appropriate recommendations to stop the attacks. The proposed system gives good results in terms of accuracy and precision in detecting and predicting attacks, and efficiency in proposing the right recommendations to stop the attacks.