Automatic Generation of Domain Specific Customized Signatures for an Enterprise Intrusion Detection System Based on Sentimental Analysis

  • Conference paper
Information Systems Design and Intelligent Applications

Part of the book series: Advances in Intelligent Systems and Computing (AISC, volume 339)

Abstract

An IDS is a powerful tool for monitoring intruders. It detects intruders based on predefined patterns known as signatures. In the context of an enterprise, however, a single IDS for the whole organization may not function effectively, because there will be several business units (domains) such as HR, Finance, Marketing, etc., each with its own set of activities, business rules and security requirements. It should be possible for the personnel in these business units to enter their own security business rules. Since many of these personnel do not have expertise in writing IDS signatures, it would be convenient for them to specify the rules as natural language statements, for example in English. These natural language statements should then be converted to IDS signatures and added to the signature database. In this paper, we have provided an interface for entering rules in natural language. Using the Sentimental Analysis technique, we processed the natural language statements for conversion to IDS signatures. The converted signatures are added to the signature database of the corresponding business domain. These domain-specific customized signatures will certainly enhance the security of an enterprise.

Acknowledgments

We wish to acknowledge the funding for this research project (MRP-4567/14 (SERO/UGC)) from University Grants Commission-South Eastern Regional Office, Hyderabad under Minor Research Projects for the year 2013–2014.

Author information

Corresponding author

Correspondence to K. V. S. N. Rama Rao.

Copyright information

© 2015 Springer India

About this paper

Cite this paper

Rama Rao, K.V.S.N., Battula, S.K. (2015). Automatic Generation of Domain Specific Customized Signatures for an Enterprise Intrusion Detection System Based on Sentimental Analysis. In: Mandal, J., Satapathy, S., Kumar Sanyal, M., Sarkar, P., Mukhopadhyay, A. (eds) Information Systems Design and Intelligent Applications. Advances in Intelligent Systems and Computing, vol 339. Springer, New Delhi. https://doi.org/10.1007/978-81-322-2250-7_48

  • DOI: https://doi.org/10.1007/978-81-322-2250-7_48

  • Publisher Name: Springer, New Delhi

  • Print ISBN: 978-81-322-2249-1

  • Online ISBN: 978-81-322-2250-7

  • eBook Packages: Engineering, Engineering (R0)
