Scribd
Upload
13 views15 pages

SKN Report

This seminar report presents a real-time intrusion detection system (RT-IDS) utilizing supervised machine learning techniques, specifically highlighting the effectiveness of the Decision Tree method in classifying network data as normal or attack. The report includes acknowledgments, an abstract, and sections detailing the motivation, purpose, scope, related work, discussion, conclusion, and project definition. It serves as a partial fulfillment of the requirements for a degree in Information Technology at the University of Pune.

Uploaded by

pranav
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
13 views15 pages

SKN Report

This seminar report presents a real-time intrusion detection system (RT-IDS) utilizing supervised machine learning techniques, specifically highlighting the effectiveness of the Decision Tree method in classifying network data as normal or attack. The report includes acknowledgments, an abstract, and sections detailing the motivation, purpose, scope, related work, discussion, conclusion, and project definition. It serves as a partial fulfillment of the requirements for a degree in Information Technology at the University of Pune.

Uploaded by

pranav
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 15

A PROJECT BASED SEMINAR REPORT ON

Seminar Title

SUBMITTED TO THE UNIVERSITY OF PUNE, IN THE PARIAL


FULFILLMENT OF THE REQUIREMENTS FOR THE AWARD OF
THE DEGREE
OF

TE
INFORMATION TECHNOLOGY

SUBMITTED BY,

MR./MS...............

UNDER THE GUIDANCE OF

PROF. ...........

SINHGAD TECHNICAL EDUCATION SOCIETY


SKN SINHGAD INSTITUTE OF TECHNOLOGY &
SCIENCE, LONAVALA

GAT NO. 309, KUSGAON (BK.) OFF MUMBAI-PUNE EXPRESSWAY,


LONAVALA, TAL - MAVAL, DIST - PUNE - 410401.
ACADEMIC YEAR: 2017-2018
This is to certify that the seminar report entitled

Name of Seminar
SUBMITTED BY,

MR./MS..............
Exam Seat No:

Is a bonafide work carried out by him/ her under the supervision of Prof........ and it
is approved for the partial fulfillment of the requirement of University of Pune,

The seminar work has not been earlier submitted to any other institute or university
for the award of degree or diploma.

Prof........................ Prof........................... Prof. G. M. Kadam


Project Guide PBS Co-ordinator HOD
Acknowledgement

I express my sense of gratitude towards my seminar guide Prof........... for his valuable
guidance at every step of study of this seminar, also his contribution for the solution
of every problem at each stage.
I am thankful to Prof. G. M. Kadam Head of the Department of Information Tech-
nology, all the staff members and PBS Coordinator Prof........... who extended the
preparatory steps of this seminar. I am very much thankful to respected Principal Dr.
M. S. Rohakale for his support and providing all facilities for seminar.
Finally I want to thank to all of my friends for their support & suggestions. Last
but not the least I want to express thanks to my family for giving me support and
confidence at each and every stage of this seminar.

Your Name

I
Abstract

The popularity of using Internet contains some risks of network attacks. Intrusion
detection is one major research problem in network security, whose aim is to identify
unusual access or attacks to secure internal networks. In literature, intrusion detection
systems have been approached by various machine learning techniques.
In this literature, we propose a real-time intrusion detection approach using a super-
vised machine learning technique. Our approach is simple and efficient, and can be
used with many machine learning techniques. We applied different well-known machine
learning techniques to evaluate the performance of our IDS approach. Our experimen-
tal results show that the Decision Tree technique can outperform the other techniques.
Therefore, we further developed a real-time intrusion detection system (RT-IDS) using
the Decision Tree technique to classify on-line network data as normal or attack data.
Keywords:

II
Contents

Acknowledgement . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . I
Abstract . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . II
Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . III
List of Figures . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . IV
List of Tables . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . V

1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
1.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1

2 Motivation, Purpose and Scope . . . . . . . . . . . . . . . . . . . . . . 3


2.1 Motivation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
2.2 Purpose . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
2.3 Scope . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3

3 Related Work . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
3.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4

4 Discussion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
4.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5

5 Conclusion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
5.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6

6 Project Definition . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
6.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7

References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8

III
List of Figures

1.1.1 IDS Environment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2

IV
List of Tables

V
Chapter 1

Introduction

1.1 Overview
The Internet has become a part of daily life and an essential tool to-
day. It aids people in many areas, such as business, entertainment and education, etc.
In particular, Internet has been used as an important component of business models
For the business operation, both business and customers apply the Internet application
such as website and e-mail on business activities. Therefore, information security of
using Internet as the media needs to be carefully concerned. Intrusion detection is one
major research problem for business and personal networks[1].
Relying on a firewall system alone is not sufficient to prevent a corporate network
from all types of network attacks. This is because a firewall cannot defend the net-
work against intrusion attempts on open ports required for network services. Hence,
an intrusion detection system (IDS) is usually installed to complement the firewall.
An IDS collects information from a network or computer system, and analyses the
information for symptoms of system breaches. As shown schematically in Fig. 1, a
network IDS monitors network data and gives an alarm signal to the computer user
or network administrator when it detects antagonistic activity on an open port. This
signal allows the recipient to inspect the system for more symptoms of unauthorized
network activities[2].

1
Seminar Title

Figure 1.1.1: IDS Environment

Compared with other related works in data mining-based intru-


sion detectors, we proposed to calculate the mean value via sampling different ratios of
normal data for each measurement, which lead us to reach a better accuracy rate for
observation data in real world. We compared the accuracy, detection rate, false alarm
rate for four attack types. More over, it shows better performance than KDD Winner,
especially for U2R type and R2L type attacks.[4]
Network intrusion detection systems can be classified into two types which are host-
based and network-based intrusion detection. Host-based detection captures and an-
alyzes network data at the attacked system itself while the network-based detection
captures and inspects online network data at the network gateway or server, before
the attack reaches the end users. In addition, network intrusion detection systems can
operate in two modes which are off-line detection and on-line detection. An off-line
network intrusion detection system periodically analyzes or audits network informa-
tion or log data to identify suspected activities or intrusions. In an on-line network
intrusion detection system, the network traffic data has to be inspected as it arrives
for detecting network attacks or malicious activities.[2]

SKNSITS, Lonavala. 2 Department of Information Technology


Chapter 2

Motivation, Purpose and Scope

2.1 Motivation

2.2 Purpose

2.3 Scope

3
Chapter 3

Related Work

3.1 Overview

4
Chapter 4

Discussion

4.1 Overview

5
Chapter 5

Conclusion

5.1 Overview

6
Chapter 6

Project Definition

6.1 Overview

7
References

[1] Yi-Hua E. Yang, Hoang Le, Viktor K. Prasanna: High Performance Dictionary-
Based String Matching for Deep Packet Inspection, IEEE 978-1-4244-5837-0.

[2] M. Roesch: Snort-Lightweight Intrusion Detection for Networks, 13th Systems Ad-
ministration Conference, USENIX, 1999.

[3] M. Roesch: Snort-Lightweight Intrusion Detection for Networks, 13th Systems Ad-
ministration Conference, USENIX, 1999.

[4] Yi-Hua E. Yang, Hoang Le, Viktor K. Prasanna: High Performance Dictionary-
Based String Matching for Deep Packet Inspection, IEEE 978-1-4244-5837-0.

[5] SourceFire Inc., http://www.SourceFire.com/

[6] www.cavium.com/pdfFiles/CSS-DPI-White-Paper.pdf

[7] www.Porto.polito.it/2375838/1/11JNSMLightweightDPI

[8] www.waikato.ac.nz./ml/weka

You might also like