Intelligent intrusion detection system

مقدم أطروحة جامعية

Hariz, Raghdah

مشرف أطروحة جامعية

Atum, Jalal Yusuf
Hadi, Ali

الجامعة

جامعة الأميرة سمية للتكنولوجيا

الكلية

كلية الملك الحسين لعلوم الحوسبة

القسم الأكاديمي

قسم علم الحاسوب

دولة الجامعة

الأردن

الدرجة العلمية

ماجستير

تاريخ الدرجة العلمية

2014

الملخص الإنجليزي

With the fast increase in network connectivity and reliance on information systems, the number of sophisticated threats has also increased which demands for developing intelligent security systems that able to guard against these threats and different attacks.

This research has been conducted as an improvement to the Intrusion Detection Systems (IDS) detection methodology; it aims to implement not only a framework for an intrusion detection system, but also to make this system behave intelligently.

This has been done by training the system with previous history results, which could help in the future detecting new anomaly traffic that might be a threat.

In this research, a protocol based anomaly detector has been implemented as a part of the intelligent system and applied on HTTP only as a proof of concept.

Also the author suggest new dataset to be used in order to test the anomaly detector against multiple HTTP attacks, the results of the testing experiments show a high detection rate for known and unknown attacks and very low false positive rate, but in the other hand, the anomaly detector still need more improvement to be able to detect attacks that are either distributed or fragmented to a number of packets with different protocols.

Because the implemented system lacks the capability of correlation, so if the attack is done using multiple sessions or protocols, the anomaly detector won't be able to identify such attack.

التخصصات الرئيسية

تكنولوجيا المعلومات وعلم الحاسوب

الموضوعات

• شبكات الحاسوب
• الإجراءات الأمنية

عدد الصفحات

75

قائمة المحتويات

• APA
• MLA
• AMA

لغة النص

الإنجليزية

نوع البيانات

رسائل جامعية

رقم السجل

BIM-413781