Skip to main content
SpringerLink
Log in

Log Analysis Based Intrusion Prediction System

  • Conference paper
Emerging ICT for Bridging the Future - Proceedings of the 49th Annual Convention of the Computer Society of India (CSI) Volume 1

Part of the book series: Advances in Intelligent Systems and Computing ((AISC,volume 337))

Abstract

This paper proposes an intrusion prediction system in which network log file entries are used for the prediction of attacks. Good filtering and classification techniques helps to process huge amount of data and find patterns of anomalies pertaining to network attacks. The techniques used in this paper are Naive Bayes and Adaboost Cost Sensitive Learning algorithms. The network log files obtained from network devices like IDS, Firewalls etc. are collected, normalized and correlated with the help of Alienvault SIEM and the fields which are important for classification are extracted. Next, the training data is classified with the help of Naive Bayes and misclassified entries are passed on to Cost Sensitive variant of Adaboost by which the classification rate is improved. Now with the help of this train data the system creates an attack model with the help of which it predicts whether an attack is about to happen or not.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 169.00
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 219.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Farid, D.M., Rahman, M.Z., Rahman, C.M.: Adaptive Intrusion Detection based on Boosting and Naive Bayesian Classifier. International Journal of Computer Applications 24(3) (2011)

    Google Scholar 

  2. Panda, M., Patra, M.R.: Network Intrusion Detection using Naive Bayes. International Journal of Computer Science and Network Security 7(12), 258–263 (2007)

    Google Scholar 

  3. Sun, Y., et al.: Cost-sensitive boosting for classification of imbalanced data. Pattern Recognition 40(12), 3358–3378 (2007)

    Article  MATH  Google Scholar 

  4. Abad, C., et al.: Log correlation for intrusion detection: A proof of concept. In: 19th Annual IEEE Conference on Computer Security Applications (2003)

    Google Scholar 

  5. Natesan, P., Balasubramanie, P., Gowrison, G.: Improving the Attack Detection Rate in Network Intrusion Detection using Adaboost Algorithm. Journal of Computer Science 8(7), 1041 (2012)

    Article  Google Scholar 

  6. Forte, D.V.: The Art of log correlation-Tools and Techniques for Correlating Events and Log Files. Computer Fraud & Security 2004(8), 15–17 (2004)

    Article  Google Scholar 

  7. Kannadiga, P., Zulkernine, M., Haque, A.: E-NIPS: An event-based network intrusion prediction system. In: Garay, J.A., Lenstra, A.K., Mambo, M., Peralta, R. (eds.) ISC 2007. LNCS, vol. 4779, pp. 37–52. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  8. Sendi, A.S., Dagenais, M., Jabbarifar, M., Couture, M.: Real Time Intrusion Prediction based on Optimized Alerts with Hidden Markov Model. Journal of Networks 7(2), 311–321 (2012)

    Google Scholar 

  9. Kruegel, C., Tóth, T., Kerer, C.: Decentralized event correlation for intrusion detection. In: Kim, K.-c. (ed.) ICISC 2001. LNCS, vol. 2288, p. 114. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  10. Wang, L., Liu, A., Jajodia, S.: Using Attack Graphs for Correlating, Hypothesizing and Predicting Intrusion Alerts. Computer Communications 29(15), 2917–2933 (2006)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. TIFAC Core in Cyber Security, Amrita Viswa Vidyapeetham, Coimbatore, India

    Rakesh P. Menon

Authors
  1. Rakesh P. Menon
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Rakesh P. Menon .

Editor information

Editors and Affiliations

  1. Department of Computer Science and Engineering, Anil Neerukonda Institute of Technology and Sciences, Vishakapatnam, India

    Suresh Chandra Satapathy

  2. School of Information Technology, Jawaharlal Nehru Technological University Hyderabad, Hyderabad, India

    A. Govardhan

  3. Department of CSE, CMR Technical Campus, Hyderabad, India

    K. Srujan Raju

  4. Department of Computer Science & Engineering, Faculty of Engg., Tech. & Management, University of Kalyani, Kalyani, West Bengal, India

    J. K. Mandal

Rights and permissions

Reprints and permissions

Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Menon, R.P. (2015). Log Analysis Based Intrusion Prediction System. In: Satapathy, S., Govardhan, A., Raju, K., Mandal, J. (eds) Emerging ICT for Bridging the Future - Proceedings of the 49th Annual Convention of the Computer Society of India (CSI) Volume 1. Advances in Intelligent Systems and Computing, vol 337. Springer, Cham. https://doi.org/10.1007/978-3-319-13728-5_46

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-13728-5_46

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-13727-8

  • Online ISBN: 978-3-319-13728-5

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics

Search

Navigation