2012 International Conference on Advanced Computer Science Applications and Technologies (ACSAT) (2012)
Nov. 26, 2012 to Nov. 28, 2012
Intrusion Prevention Systems (IPS) is the most important solution for providing a high level of security all over the networks today. IPS is evolving recently in a way that is expected eventually to replace other security solutions such as firewalls and anti-viruses. To over come the static signature detecting mechanism to identify intruders that exists in all host based IPSs which in turn needs to be updated from time to time to insure the most accurate detection. In this paper we introduce a four tier host based IPS that uses data mining technique, namely decision tree, as a detecting mechanism. The input parameters for the prior decision tree algorithm are the most infected or targeted computer resources by intruders, instead of a static signature database. Three test scenarios were performed to investigate the ability of the proposed IPS to classify intruders correctly.
computer network security, data mining, decision trees, digital signatures
A. Al-hamami and T. Alawneh, "Developing a Host Intrusion Prevention System by Using Data Mining," 2012 International Conference on Advanced Computer Science Applications and Technologies (ACSAT), Kuala Lumpur, 2013, pp. 409-413.