AN INTELLIGENT INTRUSION DETECTION FOR DETECTING UNAUTHORIZED MALWARE OVER THE NETWORK

摘要

Monitoring Internet traffic is critical in order to acquire a good understanding of threats and in designing efficient security systems. It is the most important issue to monitor the traffic in internet and also in designing efficient security systems. Honeypot is one of the security tools for gathering intelligence of Internet attacks, traffic collected by honeypot is of high dimensionality that makes it difficult to characterize. In this paper, a multivariate analysis technique, for characterizing honeypot traffic and separating latent groups of activities is used. A multivariate analysis consists of collection of methods that can be used for detecting unauthorized malware over the internet. Data visualization, Data mining and statistical techniques are the multivariate analysis techniques for characterizing Honeypot. The internet has become a platform for all kinds of security-sensitive services and applications. In this modern era of computing, internet plays an important role and therefore, securing network hosts, learning attack methods, capturing of attack tools, and studying motives of computer criminals are important tasks for network administrators and security engineers. One important aspect of network attacks is malicious software (malware) that spreads autonomously over the network by exploiting known or unknown vulnerabilities. The various elements like web browsers, e-mail client and office are absolutely not secure with the development of new client application software vulnerabilities. This paper highlights the development strategy towards intrusion detection system based on honeypot. It is a trap set to detect, deflect towards any unauthorized/ anonymous malware distributed globally over the networks. We achieved designing a prototype with a unique network crawler which will keep track the illegal software but it has also potential to track the source URL from which the malicious events are taking place at the client side.