Intrusion Detection Management System for eCommerce security

Jens Lichtenberg, Jorge Marx Gómez

2005

Abstract

One of the main problems in eCommerce applications, and in all other systems handling confidential information in general, is security. This paper introduces the idea of an intrusion detection management system to support security. Intrusion detection per se is the act of detecting an unauthorized intrusion by a computer or a network from the inside or the outside of the affected system, where an intrusion is the attempt to compromise or otherwise do harm to other network devices. Beyond a normal intrusion detection system, an Intrusion Management System applies different Intrusion Detection Systems not only to detect a threat but also to analyze it and propose countermeasures that avoid the compromise of the guarded system. For the treatment plan, depending on the analysis, a multitude of countermeasures is identified and ranked. Countermeasure identification is done using data mining techniques on a countermeasure repository, and the final ranking through sorting algorithms. Of the numerous data mining techniques applicable for diagnostic or analytic purposes, the nearest neighbor and the correlation coefficient techniques have been implemented. A feasibility study has shown that an analyzer can match a problem against a solution repository and find the optimal treatment suggestions, together with a ranking, in an acceptably short period of time. Future work will include the analysis of attack characteristics and goals, and the interaction between the system manager, the response planning and execution module, and the attack analyzer. Furthermore, the countermeasure repository will be evaluated and updated.



Paper Citation


in Harvard Style

Lichtenberg J. and Marx Gómez J. (2005). Intrusion Detection Management System for eCommerce security. In Proceedings of the 5th International Workshop on Pattern Recognition in Information Systems - Volume 1: PRIS, (ICEIS 2005) ISBN 972-8865-28-7, pages 134-143. DOI: 10.5220/0002520101340143


in Bibtex Style

@conference{pris05,
author={Jens Lichtenberg and Jorge Marx Gómez},
title={Intrusion Detection Management System for eCommerce security},
booktitle={Proceedings of the 5th International Workshop on Pattern Recognition in Information Systems - Volume 1: PRIS, (ICEIS 2005)},
year={2005},
pages={134-143},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0002520101340143},
isbn={972-8865-28-7},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 5th International Workshop on Pattern Recognition in Information Systems - Volume 1: PRIS, (ICEIS 2005)
TI - Intrusion Detection Management System for eCommerce security
SN - 972-8865-28-7
AU - Lichtenberg J.
AU - Marx Gómez J.
PY - 2005
SP - 134
EP - 143
DO - 10.5220/0002520101340143