StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

Anomaly Detection Scheme for Prevention of Online Attacks - Dissertation Example

Cite this document
Summary
The paper “Anomaly Detection Scheme for Prevention of Online Attacks” will look at detection of time-domain change, which is essential in recognizing availability of a possible attack. The time parameter reflects any deviation from the normal…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER96.8% of users find it useful
Anomaly Detection Scheme for Prevention of Online Attacks
Read Text Preview

Extract of sample "Anomaly Detection Scheme for Prevention of Online Attacks"

 Anomaly Detection Scheme for Prevention of Online Attacks Detection of time-domain change is essential in recognizing availability of a possible attack. The time parameter reflects any deviation from the normal (duration taken) in disseminating information and receiving of the feedback. The efficiency of communication is therefore slowed down and this cripples the activities of an institution. Hacking of the internet system distorts the original information that was fed and may bring about a jam. All these are prevented by use of highly advanced and sophisticated modern devices that quickly sense and produce signals to notify the comptroller (Chiang, 2004). Data analysis must be undertaken to confirm and ensure only the vital information is online and accessed by the target population. The systems are made in a way that they are able to identify the geographical location of an attacker who can then be easily trailed, and legal action may be taken. The coming attacks may also be blocked by an automated program in the system. Updating should always be done to facilitate prompt detection of attacks. This ensures the system remains at pace with any new technological changes. When all security measures are considered, the privacy of an institution remains secured. They remain at the disposal of the authorized authorities. Transmission of information must be sufficient at the shortest time possible. According to Chiang (2004), visualization of system level is done to integrate technology with the systems hardware, software or both. This ensures protection by offering an opportunity to study and analyze visual patterns that indicate any possible attack. Sensors are used to detect and send an alert signal inform of graphs on a screen. Multiple attacks are easily displayed and tracked down from their sources. This calls for a quick action in order to protect the data which includes resetting of the connection. All the forecasting and analysis is done in a data warehouse. This method ensures a quick and smooth action is taken to counteract any attack at the shortest time possible. Selection of heterogeneous threshold and conduct of a proper correlation analysis ensures systems are well set to accommodate large amounts of data and detect any slight attacks at any moment. A web of links is made that connects the major system to several others. A threshold value is also set which sounds an alarm when exceeded. The ease of detection of attacks becomes easier since either of them signals the main server (Chiang, 2004). An internal program is installed to ensure the system is able to detect any foreign data and differentiate self from non-self before sending a signal. The system becomes protected from collapsing and is encompassed with appropriate buffer zones to ensure the best possible results are obtained. Anomaly refers to deviation from the normal way in which information systems operate. This compromises the confidentiality and security of information contained within the system. Any delay in detection and streamlining back to normal may result to great negative impacts. Computers should therefore be protected from any form of attack by installation of a specialized and highly sensitive detector. This is called a detection scheme. It is backed up by additional security features which limit access to specific individuals and from a central point. The system is well cushioned and security guaranteed. Most institutions trust the viability of this security measure. A research was conducted by Lazarevic (2003) in order to identify data attacks and anomaly detection schemes in various computer systems. In most organizations, they gave out efficient and perfect results. Intrusion Prevention System is one with extremely amazing outcomes. It allows service delivery irrespective of any obstacles which may try to inhibit the process. A system of coordinated computer programs facilitates blocking and neutralization of any collective attacks. These include: Time remains a critical factor in detecting attacks. Transmission of messages and obtaining of feedback may get longer than usual (reaction and response time).This is a clear indicator of attacks which may be manual, automatic or semi-automatic. The second form is from within the system and is rarely detected before its occurrence. Most of the attacks are sent as short-term bursts in order to remain camouflaged. Many of the attackers make use of slow time dynamics of transmission time out. Here the attacker sends short-term bursts. In order to overcome the attackers in good time, there should be a means for real-time attack classification and a defense mechanism. This means that data mining by the detection system should be real-time, putting into consideration efficiency, accuracy, and usability, (Axelsson, 1999). To ensure high accuracy in a short time, data mining process uses programs that analyze the data and at the same time distinguish between genuine actions and malicious attacks. To ensure high efficiency, the costs of the extracted features are calculated and the cost approach is useful in production of efficient detection model. Usability improvement is by adapting algorithms that facilitate fast updating of the system to enhance quick attack detection (Barbara, 2001). Audit data analysis and mining (ADAM) is the system that proposes use of data mining methods and detects abnormalities in the audit data. A good example is the program researched and documented by (Barabra, 2001) which is used to check the data and store the packets that are transmitted and along the network. ADAM, can in a very flexible manner, represent known patterns in a network while detecting the unknown attack patterns which cannot be detected using others. System level visualization is the integration of a system’s requirements like hardware and software with the appropriate technology to overcome collaborative attacks. Some systems are beyond protection by the traditional intrusions detection systems (SANS Institute, 1999). Therefore, the mitigation of the attacks is by analyzing visual patterns using several visualization tools that are in place for use in early detection of attacks. These tools include detectors, sensors and data warehouses to improve scalability and efficiency of the anomaly detection systems as well as to enhance sharing of data to update the system. When using sensors, exchange of information happens in real-time while ensuring that data structure is intact. The amount of data reduces by filtering the high entropies. When a sensor detects an attack, it tries to match the attacker’s packet with the signature database of the attack. The sensor reports a match of the two the console and takes an action depending on its configuration. Some of the actions include sending an alert email to an administrator or resetting the connection of the TCP, (Chiang, 2004). A data warehouse in this case is useful for analysis, which is necessary for decision making about dealing with attacks and forecasting. References Axelsson, S. (1999). Research in intrusion-detection systems: A survey. Technical report TR 98-17, Goteborg, Sweden: Department of Computer Engineering, Chalmers University of Technology. Barbara, D., Couto, J., Jajodia, S. and Wu, N. (2002). An architecture for anomaly detection. Applications of Data Mining in Computer Security, 63-76. Champion, T., Durst, R., Miller, E., Spagnuolo, L. and Witten, B. (1999). Testing and evaluating computer intrusion detection systems. Communications of the ACM, (42)7, 53. Chiang, M., Zilic, Z., Chenard, J. and Radecka, K. (2004). Architectures of Increased Availability Wireless Sensor Network Nodes. Anaheim, CA: International Test Conference, IEEE. Ghosh, A., Wanken, J. and Charron, F. (1998). Proceedings of the IEEE Computer Society 14th annual computer security applications conference. Detecting anomalous and unknown intrusions against programs. Los Alamitos, CA. Hofmeyr, S., Forrest, S. and Somayaji, A. (1998). Intrusion detection using sequences of system calls. Journal of Computer Security, 6, 151-180. Kumar, S. (1995). Classification and detection of computer intrusions. (Unpublished doctoral dissertation), Purdue University. Lazarevic, A., Ozgur, A., Ertoz, L., Srivastava, J. and Kumar, V. (2003). Proceedings from SIAM International Conference on Data Mining: A comparative study of anomaly detection schemes in network intrusion detection. Buenos Aires. Mannila, H., Toivonen, H. and Verkamo, A. (1995). Discovering frequent episodes in sequences. Menlo Park,CA: AAAI Press. SANS Institute, (1999). Intrusion Detection Systems: Definition, Need and Challenges. Retrieved on March 9, 2013from http://secinf.net/info/ids/nvh_ids/. Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(“Anomaly Detection Scheme for Prevention of Online Attacks Dissertation”, n.d.)
Anomaly Detection Scheme for Prevention of Online Attacks Dissertation. Retrieved from https://studentshare.org/information-technology/1469770-an-anamoly-detection-scheme-for-the-detection-of
(Anomaly Detection Scheme for Prevention of Online Attacks Dissertation)
Anomaly Detection Scheme for Prevention of Online Attacks Dissertation. https://studentshare.org/information-technology/1469770-an-anamoly-detection-scheme-for-the-detection-of.
“Anomaly Detection Scheme for Prevention of Online Attacks Dissertation”, n.d. https://studentshare.org/information-technology/1469770-an-anamoly-detection-scheme-for-the-detection-of.
  • Cited: 0 times

CHECK THESE SAMPLES OF Anomaly Detection Scheme for Prevention of Online Attacks

Detection of Attacks Executed by Multiple Users

There is a suggestion to design an anomaly detection scheme for prevention of mass online attacks.... Some of these mass-users attacks are triggered by the big companies and manipulation of online items reputation can be hazardous for the customers.... Therefore, we can claim that for prevention and protecting computer systems from mass-users attacks it is necessary to pay attention to the new philosophy.... Detection of attacks executed by multiple users [Name] [Date] The problem of network attacks detection is of crucial importance nowadays....
3 Pages (750 words) Dissertation

Anomaly Detection Scheme for Prevention of Collaborative Attacks

anomaly detection scheme for prevention of Collaborative Attacks Institution Tutor 23rd Feb, 2013 anomaly detection scheme for prevention of Collaborative Attacks According to Kumar (1995), computer systems are a very important part of day-to-day life.... An anomaly detection scheme is a technical mechanism used to protect a computer infrastructure from attacks.... Most of the organizations have adopted a system that suits them in detection and prevention of attacks ....
5 Pages (1250 words) Dissertation

Detecting rogue access point using Omnipeek software to analyze the wireless network

The intrusion prevention systems detect and inhibit any attacks posed by malwares, Trojans and worms (Simmonds et al, 2004).... As stated by Crothers (2002), the main methods used to detect the attacks on network systems are; Signature based detection Anomaly based detection State full protocol analysis Different network systems have different network security technologies.... These are; Network based intrusion detection and prevention system (IDPS): monitors...
21 Pages (5250 words) Essay

International Recruitment and Selection Strategies

Hiring and retaining good employees has always been a major challenge for many firms due to the complexity of the international job market invariably amplifies the dilemma faced by recruitment managers.... The criterion and staffing tactic employed is therefore critical in securing… Even with the existing international financial predicament and job layoffs, commercial appraisals still constantly cite staff retention as of foremost importance....
15 Pages (3750 words) Essay

STATEGIC BUSINESS

The paper highlights the crucial role… Another important topic which has been discussed is the Identity detection System (IDS), its advantages, disadvantages, deficiencies and nges and the ways and means by which these could be remedied or fixed, so that uninterrupted and hassle-free use of internet could be ensured to the end-users and clients....
28 Pages (7000 words) Essay

Network and Communication Security Protocols

nbsp;… Cyber-attacks are intelligent as well as organized.... If any unknown activities initialize that are not similar to the normal profiles, is considered as anomalies or attacks.... Incorporation of an Intrusion detection system (IDS) is compulsory as it will penetrate deep in the network and detect unknown activities related to unauthorized access, viruses and hacking.... An anomaly-based intrusion detection system is based on a data driven methodology that complies with data mining techniques....
31 Pages (7750 words) Research Paper

Voice over IP Communication Systems

Unauthorized access attacks on the other hand imply that attackers gain the ability to access resources on a given network although they lack the legal authority to do it.... According to the paper 'Voice over IP Communication Systems' analysis VoIP intrusion detection as well as protection techniques suitable for the real-time interactive VoIP communication systems....
12 Pages (3000 words) Research Paper

Romania Risk Assessment

… Romania Risk Assessment Part 1: Give your overall justified rating of the top ten priorities for Government to act upon.... Next place the risks on a risk matrix.... Make any appropriate conclusions.... ntroduction Romania is exposed to a number of natural Romania Risk Assessment Part 1: Give your overall justified rating of the top ten priorities for Government to act upon....
27 Pages (6750 words) Assignment
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us