PROIDS: Probabilistic Data Structure Based Intrusion Detection System

The seminar discusses ProIDS, a probabilistic data structures based intrusion detection system for network traffic monitoring. The objectives are to provide intrusion detection to prevent network attacks and provide an efficient IDS. Existing methods have challenges with high network speeds. ProIDS uses a Bloom filter to store data on suspicious nodes and a modified Count-Min Sketch to analyze network traffic at low computational cost and storage. Experimental results show ProIDS has high accuracy and low false positive rates compared to existing methods. Future work aims to deploy ProIDS for malicious detection in streaming data.

Uploaded by

Aditi

A Seminar On

“ProIDS: Probabilistic Data Structures based Intrusion Detection System for Network Traffic Monitoring”

Presented by
Ms. Aditi Anil Adhav
Outline:
• Introduction to the Domain
• Objective and Motivation
• Literature Review (Existing Methods)
• Details of Technology
• Experimental Work
• Advantages and Disadvantages
• Conclusion & Future Scope
• References

Introduction to the Domain:
• With the advancements in information technology, networks are widely used in a variety of markets. Hence, their security is non-negotiable.
• The most important way to monitor and analyze network traffic against various attacks is to deploy intrusion detection systems (IDS).
• The seminar introduces an IDS based on probabilistic data structures, named ProIDS.
• In the proposed ProIDS, the Bloom filter, a popular probabilistic data structure (PDS), is used to store information about suspicious nodes.

Objective and Motivation:
• Objective:
  - To provide intrusion detection that protects the network from malicious content.
  - To provide an IDS with more storage capacity and less computational time.
• Motivation:
  - The increasing number of network attacks.
  - The increasing requirement to store attack signatures.
  - Addressing memory requirements and computational cost by using efficient data structures.

Literature Review (Existing Methods):
• Some existing network-based systems are:
  - NSM (Network Security Monitor; Axelsson, 1999)
  - NetSTAT (Vigna & Kemmerer, 1999)
  - Bro (Axelsson, 1999)
• One challenge that existing network-based intrusion detection faces is the speed of high-performance networks.
• High-performance networks make it very difficult to capture the network traffic.
• Existing network-based IDSs analyze network traffic data in a centralized place, although they may collect data from various places in the network. This structure limits the scale of the distributed systems that such IDSs can protect.

Details of Technology:
• The proposed system introduces a malicious-activity detection technique, the probabilistic data structures based IDS (ProIDS).
• A Bloom filter is used to store data on suspicious nodes, which improves the performance of the membership testing phase.
• For monitoring and analyzing the network traffic, a modified Count-Min Sketch is proposed, which results in a lower false positive ratio than the standard Count-Min Sketch (CMS).

Experimental Work:

Fig. 1. System Model for ProIDS

Experimental Work (Contd.):
• Monitoring Network Traffic:
  The network monitoring task follows these steps to detect suspects:
  - Membership testing
  - Track count for suspicious nodes
  - Monitoring heavy hitters
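
The three monitoring steps above, sketched as an added example that is not code from the seminar or the ProIDS authors. The slides do not describe the Count-Min Sketch modification, so a plain CMS is used here; the class names, table sizes, threshold and sample addresses are all assumptions.

```python
import hashlib

def _h(item, seed, mod):
    # Seeded hash: BLAKE2b salted with the function index, reduced to a slot.
    d = hashlib.blake2b(item.encode(), digest_size=8,
                        salt=seed.to_bytes(8, "little")).digest()
    return int.from_bytes(d, "little") % mod

class BloomFilter:
    """Set of suspicious nodes: no false negatives, rare false positives."""
    def __init__(self, m=1024, k=4):
        self.m, self.k, self.bits = m, k, bytearray(m)
    def add(self, item):
        for i in range(self.k):
            self.bits[_h(item, i, self.m)] = 1
    def __contains__(self, item):
        return all(self.bits[_h(item, i, self.m)] for i in range(self.k))

class CountMinSketch:
    """Plain CMS: estimates never undercount, may overcount on collisions."""
    def __init__(self, width=256, depth=4):
        self.w, self.d = width, depth
        self.rows = [[0] * width for _ in range(depth)]
    def add(self, item):
        for r in range(self.d):
            self.rows[r][_h(item, 100 + r, self.w)] += 1
    def estimate(self, item):
        return min(self.rows[r][_h(item, 100 + r, self.w)] for r in range(self.d))

def monitor(packets, suspicious, threshold):
    """Apply the three steps to a stream of source addresses."""
    cms, heavy = CountMinSketch(), set()
    for src in packets:
        if src not in suspicious:            # 1. membership testing
            continue
        cms.add(src)                         # 2. track count for suspicious node
        if cms.estimate(src) >= threshold:   # 3. heavy-hitter check
            heavy.add(src)
    return heavy, cms

# Constructed sample data (documentation address ranges), not from the seminar.
SUSPICIOUS = BloomFilter()
for node in ("203.0.113.7", "203.0.113.9"):
    SUSPICIOUS.add(node)
PACKETS = (["192.0.2.10"] * 50 + ["203.0.113.7"] * 12 +
           ["198.51.100.4"] * 5 + ["203.0.113.9"] * 3)

if __name__ == "__main__":
    heavy, cms = monitor(PACKETS, SUSPICIOUS, threshold=10)
    print(sorted(heavy), cms.estimate("203.0.113.7"))
```

The busiest source in the sample is never counted because it fails the membership test, which is why the Bloom filter keeps the sketch small and why a node missing from the filter is invisible to the heavy-hitter step.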

Advantages:
• High accuracy with a low false positive rate.
• More reliable and scalable than the existing method.
• Requires comparatively less computational time and storage than the existing method.
• Does not consume the resources of the computers that are being protected.

Disadvantages:
• The system may fail to recognize an attack launched during periods of high traffic.
• Modern switch-based networks make the system's job more difficult.
• Cannot analyze encrypted information.
• Cannot determine whether or not an attack was successful.

Conclusion and Future Scope:
• Conclusion:
  - As there is a growing need to analyze network traffic efficiently in order to detect and prevent malicious activities, a novel malicious-activity detection technique must be provided.
  - Hence, ProIDS achieves high accuracy with a low false positive rate.
• Future Scope:
  - A system to deploy the proposed ProIDS model for the detection of malicious events in streaming data.

Thank You!
