ПРИЛОЖЕНИЕ НА ДЪРВО НА РЕШЕНИЯТА В СИСТЕМИТЕ ЗА ОТКРИВАНЕ НА НАРУШЕНИЯ
DECISION TREE APPLICATION TO INTRUSION DETECTION SYSTEMS
Author(s): Veselina Jecheva, Evgeniya Nikolova
Subject(s): Social Sciences, Education, Communication studies, Theory of Communication, Higher Education, Educational Psychology
Published by: Бургаски свободен университет
Keywords: Intrusion detection systems (IDS); anomaly-based IDS; C4.5 algorithm; decision tree; cluster analysis
Summary/Abstract: The purpose of intrusion detection systems (IDS) is to reveal any violation of the organization's security policy: unauthorized access from outsiders, privilege escalation by authorized users, and violation of the confidentiality and/or integrity of system resources. The present paper examines current IDS based on behavioral anomaly analysis, where the C4.5 algorithm is applied in a host-based scenario in order to describe normal user activity using a decision tree. As a second step, cluster analysis is applied to classify current user activity as normal or malicious. To validate the proposed methodology, a number of simulation experiments were carried out and the obtained results were analyzed.
Journal: Компютърни науки и комуникации
- Issue Year: 5/2016
- Issue No: 4
- Page Range: 7-11
- Page Count: 5
- Language: Bulgarian