system must reliably detect malicious activities in a network and must perform
efficiently to cope with the large amount of network traffic. In this project, we
address these two issues of Accuracy and Efficiency using Conditional Random
Fields and Layered Approach. We demonstrate that high attack detection accuracy
implementing the Layered Approach. Finally, we show that our system is robust
unauthorized access to a computer system or network. This may take the form of
IDS is required to detect all types of malicious network traffic and computer usage.
This includes network attacks against vulnerable services, data driven attacks on
and access to sensitive files, and malware (viruses, Trojan horses, and worms).
security events, a Console to monitor events and alerts and control the sensors, and
a central Engine that records events logged by the sensors in a database and uses a
TABLE OF CONTENTS
ABSTRACT i
LIST OF TABLES iv
LIST OF FIGURES v
1 INTRODUCTION 1
1.1 Problem specification 2
1.1.1 Objectives 2
1.1.2 Layered approach for intrusion detection 3
1.1.3 Conditional random fields 5
1.1.4 Integrating layered approach with Conditional random fields 5
2 LITERATURE SURVEY 6
3 SYSTEM STUDY 12
3.1 Existing system 13
3.2 Proposed system 13
4 SYSTEM DESIGN AND IMPLEMENTATION 14
4.1 Login 15
4.2 Probe layer 15
4.3 DOS layer 16
4.4 R2L layer 16
4.5 U2R layer 16
4.6 Layered framework for intrusion detection 17
4.7 Layered CRF for network intrusion detection 18
5 FEATURE SELECTION 20
6.1 Feature selection for probe layer 21
6.2 Feature selection for DOS layer 21
6.3 Feature selection for R2L layer 22
6.4 Feature selection for U2R layer 23
6.5 Algorithm 25
6 TESTING 26
7.1 Unit testing 27
7.2 Acceptance testing 27
7.3 Integration testing 27
7 CONCLUSION & FUTURE ENHANCEMENT 28
8 APPENDICES 31
9 REFERENCES 48
LIST OF TABLES
LIST OF FIGURES