An alerts correlation technology for large-scale network intrusion detection
WISM'11 Proceedings of the 2011 international conference on Web information systems and mining - Volume Part I
Network intrusion detection system using genetic network programming with support vector machine
Proceedings of the International Conference on Advances in Computing, Communications and Informatics
| Hi-index | 0.00 |
In this article we discuss our research in developing general and systematic methods for intrusion detection. The key ideas are to use data mining techniques to discover consistent and useful patterns of system features that describe program and user behavior, and use the set of relevant system features to compute (inductively learned) classifiers that can recognize anomalies and known intrusions. The paper also discusses the current level of computer security development in Tanzania with particular interest in IDS application with the fact that approach is easy to implement with less complexity to computer systems architecture, less dependence on operating environment (as compared with other security-based systems) and ability to detect abuse of user privileges easily. The findings are geared towards developing security infrastructure and providing ICT services.