Article Details

Copyright Statement: This is an open access article licensed under a Creative Commons Attribution 4.0 International License, which permits unrestricted use, distribution, and reproduction in any medium, even commercially as long as the original work is properly cited.

Intrusion Detection System with Correlation Engine and Vulnerability Assessment

Author 1: D.W.Y.O. Waidyarathna
Author 2: W.V.A.C.Nayantha
Author 3: W.M.T.C.Wijesinghe
Author 4: Kavinga Yapa Abeywardena

Download PDF

Digital Object Identifier (DOI) : 10.14569/IJACSA.2018.090947

Article Published in International Journal of Advanced Computer Science and Applications(IJACSA), Volume 9 Issue 9, 2018.

Abstract: The proposed Intrusion Detection System (IDS) which is implemented with modern technologies to address certain prevailing problems in existing intrusion detection systems’ is capable of giving an advanced output to the security analyst. Even though the network of an organization has been secured internally as well as externally the intruders find ways to penetrate the network. With the system that is proposed activities of those intruders can be identified with a higher probability even if managed to bypass security controls of the network. The goal of this project is to give a reliable output to the system users where all the alerts are more accurate and correlated using HIDS alerts and NIDS alerts which is similar to the modern SIEM concept. The system will perform as a centralized IDS by getting inputs from both HIDS and NIDS which gives data regarding the activities of hosts and network traffic. With those implementations, the system is capable of monitoring host activities, monitoring network traffic with existing tools and give a correlated output which is more accurate, advanced and reliable prioritizing the possible attacks by using machine learning techniques and rule-based correlation techniques. With all these capabilities final product is a fully automated Intrusion Detection System which gives correlated alerts as outputs with a less rate of false positives compared to the existing systems.

Keywords: Intrusion detection system (IDS); intrusion detection message exchange format (IDMEF); network intrusion detection system (NIDS); host intrusion detection system (HIDS); security information and event management (siem); correlation; machine learning

D.W.Y.O. Waidyarathna, W.V.A.C.Nayantha, W.M.T.C.Wijesinghe and Kavinga Yapa Abeywardena, “Intrusion Detection System with Correlation Engine and Vulnerability Assessment” International Journal of Advanced Computer Science and Applications(IJACSA), 9(9), 2018. http://dx.doi.org/10.14569/IJACSA.2018.090947

@article{Waidyarathna2018,
title = {Intrusion Detection System with Correlation Engine and Vulnerability Assessment},
journal = {International Journal of Advanced Computer Science and Applications},
doi = {10.14569/IJACSA.2018.090947},
url = {http://dx.doi.org/10.14569/IJACSA.2018.090947},
year = {2018},
publisher = {The Science and Information Organization},
volume = {9},
number = {9},
author = {D.W.Y.O. Waidyarathna and W.V.A.C.Nayantha and W.M.T.C.Wijesinghe and Kavinga Yapa Abeywardena}
}

IJACSA

Upcoming Conferences

Future of Information and Communication Conference (FICC) 2022

3-4 March 2022

Computing Conference 2022

14-15 July 2022

IntelliSys 2022

1-2 September 2022

Future Technologies Conference (FTC) 2022

20-21 October 2022