Web-based monitoring approach for network-based intrusion detection and prevention

Journal article



Publication Details

Author list: Wattanapongsakorn N., Charnsripinyo C.

Publisher: Kluwer Academic Publishers

Publication year: 2015

Volume number: 74

Issue number: 16

Start page: 6391

End page: 6411

Number of pages: 21

ISSN: 1380-7501

eISSN: 1380-7501

URL: https://www.scopus.com/inward/record.uri?eid=2-s2.0-84939258734&doi=10.1007%2fs11042-014-2097-9&partnerID=40&md5=897903d45993619472bb0f374d026702

Languages: English-Great Britain (EN-GB)



Abstract

There were many reports about incidents of network attacks and security threats. Damages caused by network attacks and malware can be extremely expensive or unaffordable. In this paper, we present a web-based management system for network-based intrusion detection and prevention. Users can get access from any mobile device to see the current network status and whether there is an incident of network attack in the network environment. Our intrusion detection and prevention systems (IDPS) can be applied with different well-known detection algorithms, which are C4.5 Decision Tree, Random Forest, Ripple Rule, Bayesian Network, and Back-Propagation Neural Network. These algorithms can give very high detection accuracy for known attacks, where the attack type was previously trained/learnt by the system. However, when new or unfamiliar/unknown attacks are encountered, the algorithms do not perform well. So, we develop a new detection technique based on Fuzzy Genetic Algorithm (Fuzzy GA) to handle the problem. Our IDPS can work in real-time, where detection results will be reported within 2–3 s. The IDPS will automatically protect the network by dropping the malicious network packets or blocking the network ports that are abused by the attackers. In addition, the proposed IDPS can detect network attacks at different locations inside the network by using several client machines to capture data packets and then send information to the server in order to classify types of network attacks. The proposed IDPS also allows the system administrator to update existing detection rule sets or learn new training datasets with a friendly graphical user interface. In our experiments, we can correctly detect and prevent network attacks with high accuracy, more than 97 %. © 2014, Springer Science+Business Media New York.


Keywords

Web-based IDPS


Last updated on 2023-23-09 at 07:36