In our current society, the threat of cyber intrusion is increasingly high and harmful. With the rise of usage in computers, criminal activity has also shifted from physical intrusion into cyber intrusion. Intrusion detection systems provide the ability to identify security breaches in a system. A security breach will be any action the owner of the system deems unauthorized. Current methods used for these systems include using anomaly detection or a signature database. In this research we use both anomaly detection and a signature database using data mining techniques. Our solution provides a tool that would run data mining tools against a log file to detect patterns that may be considered an unauthorized activity. The tool gains additional patterns as time goes by and grows more effective. It allowed us to detect brute force password cracking and Denial-of-Service (DoS) attacks on a system in the Ubuntu platform.
展开▼
