Abstract
In the current digital age, all Internet/network users as well as organizations suffer from intrusions that result in data/information theft or loss. This manuscript discusses the concept of the intrusion detection system (IDS) along with its types and basic approaches. It is found that signature analysis, expert systems, data mining, etc. are still used for IDS. A survey of cybercrime incidents across various industry sectors is given. After analyzing the attacks on the networks of organizations in different industry sectors, it is found that attacks like DDoS are still not preventable. A comparison of data mining algorithms used for intrusion detection is also made. Various methods to implement the algorithms, along with their advantages and disadvantages, are also discussed in detail. Because of disadvantages like overfitting, slow testing speed, unstable algorithms, etc., intruders in the network are still active. To avert these shortcomings, there is a need to develop a real-time intrusion detection and prevention system through which data/information can be protected and saved on a real-time basis before a severe loss is experienced. Real-time prevention is possible only if alerts are received instantly, without delays. For this purpose, process mining could be used. This technique gives instant alerts with real-time analysis so as to prevent intrusions and data loss.
© 2017 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Mishra, V.P., Shukla, B. (2017). Process Mining in Intrusion Detection-The Need of Current Digital World. In: Singh, D., Raman, B., Luhach, A., Lingras, P. (eds) Advanced Informatics for Computing Research. ICAICR 2017. Communications in Computer and Information Science, vol 712. Springer, Singapore. https://doi.org/10.1007/978-981-10-5780-9_22
DOI: https://doi.org/10.1007/978-981-10-5780-9_22
Publisher Name: Springer, Singapore
Print ISBN: 978-981-10-5779-3
Online ISBN: 978-981-10-5780-9
eBook Packages: Computer Science, Computer Science (R0)