IIDS

Abstract

The most computer systems use user IDs and passwords as the login patterns to authenticate users. However,
many people share their login patterns with coworkers and request these coworkers to assist co-tasks, thereby making the
pattern as one of the weakest points of computer security. Insider attackers, the valid users of a system who attack the
system internally, are hard to detect since most intrusion detection systems and firewalls identify and isolate malicious
behaviors launched from the outside world of the system only. In addition, some studies claimed that analyzing system
calls (SCs) generated by commands can identify these commands, with which to accurately detect attacks, and attack
patterns are the features of an attack. The proposed work is regarded with Digital forensics technique and intrusion
detection mechanism. The number of hacking and intrusion incidents is increasing alarmingly each year as new
technology rolls out. The system designed Intrusion Detection System (IDS) that implements predefined algorithms for
identifying the attacks over a network. Therefore, in this project, a security system, named the Internal Intrusion
Detection and Protection System (IIDPS), is proposed to detect insider attacks at SC level by using data mining and
forensic techniques. The system can identify a user‘s forensic features by analyzing the corresponding SCs to enhance
the accuracy of attack detection, and able to port the IIDPS to a parallel system to further shorten its detection response
time.