Advertisement

Cluster Computing

, Volume 22, Supplement 3, pp 7023–7030 | Cite as

Analysis of alarms to prevent the organizations network in real-time using process mining approach

  • Ved Prakash MishraEmail author
  • Balvinder Shukla
  • Abhay Bansal
Article

Abstract

The analysis of alarms in the current intrusion detection system depends upon the manual system by network administrators. Due to the manual analysis, still many organizations are facing the false alarm problem causing the performance deficiency. In this manuscript, a model has been proposed for profile-based system, which will work on real time to analyze the suspicious activities and detect the intrusion automatically. The proposed model will also analyze the alarms to detect attacks and give the automatic response to prevent in real time. Processes were compared with original log events with tempered log events and the difference was found. Our extended work will be to develop the plugin in java with the combination of proposed algorithm, which could be imbedded in the tool to get the automatic response.

Keywords

Attacks Event logs Audit trails Process mining Data mining Intrusion 

Notes

Acknowledgements

I sincerely thank to my parents, wife, guide, friends and colleagues who encourage me to write this manuscript. Thank to Dr. Ishu Sharma, who helped and supported me for this.

References

  1. 1.
    Ambre, A., Shekokar, N.: Insider Threat Detection Using Log analysis and Event Correlation, Procedia Computer Science 45(2015), pp. 436–445. Elsevier Science Direct, Amsterdam (2015)Google Scholar
  2. 2.
  3. 3.
  4. 4.
    Pawar, M.V., Anuradha, J.: Network Security and Types of Attack in Network, Procedia Computer Science 48(2015), pp. 503–506. Elsevier Science Direct, Amsterdam (2015)Google Scholar
  5. 5.
    Salama, S.E., Marie, M.I., El-Fangary, L.M., Helmy, Y.K.: Web server logs preprocessing for web intrusion detection. Comput. Inf. Sci. 4(4), 123–133 (2011)Google Scholar
  6. 6.
    www.cisco.com; The Zettabyte Era: Trends and Analysis, Updated: June 7, 2017, Document ID: 1465272001812119
  7. 7.
    Mostaque, Md, Hassan, M.: Current studies on intrusion detection system, genetic algorithm and fuzzy logic. Int. J. Distrib. Parallel Syst. (IJDPS) 4(2), 35–47 (2013)CrossRefGoogle Scholar
  8. 8.
    Corney, M., Mohay, G., Clack, A.: Detection of Anomalies from User Profiles Generated from System Logs, AISC 2011, Perth Australia, CRPIT Volume 116-Information Security 2011, pp. 23–31 (2011)Google Scholar
  9. 9.
    Security in Wireless Sensor Networks: Key Management Module in EECBKM”, World Congress on Computing and Communication Technologies on Feb 27–28 and 1st March 2014, on St. Joseph College, Trichy. http://doi.ieeecomputersociety.org/10.1109/WCCCT.2014.125
  10. 10.
    de Alvarenga, S.C., Zarpelão, B.B., Barbon, S., Jr., Miani, R.S., Cukier, M.: Discovering Attack Strategies Using Process Mining, AICT 2015: The Eleventh Advanced International Conference on Telecommunications, pp. 119–125 (2015)Google Scholar
  11. 11.
    Beerra, F., Wainer, J.: Anomaly detection algorithms in business process logs, ICEIS 2008. In: Proceedings of the Tenth International Conference on Enterprise Information Systems, AIDSS (2008)Google Scholar
  12. 12.
    Escamilla, T.: Intrusion Detection: Network Security Beyond the Firewall. Wiley, New York, NY, USA. ISBN:0-471-29000-9, ACM, (1998)Google Scholar
  13. 13.
    Bezerra, F., Wainer, J.: Anomaly detection algorithms in logs of process aware systems, SAC 2008: In: Proceedings of the 2008 ACM Symposium on Applied Computing, ACM Press, pp. 951–952 (2008)Google Scholar
  14. 14.
    Van der Aalst, W.M.P.: Process Mining: Discovery, Conformance and Enhancement of Business Processes. Springer, New York (2011)CrossRefGoogle Scholar
  15. 15.
    Claes, J., Poels, G.: Merging event logs for process mining: a rule based merging method and rule suggestion algorithm. Expert Syst. Appl. 41(16), 7291–7306 (2014)CrossRefGoogle Scholar
  16. 16.
    Green Technologies for the Energy-optimized Cloud. Asian J. Res. Soc. Sci. Hum. 6(6), Special Issue June (2016)Google Scholar
  17. 17.
    Bae, J., Liu, L., Caverlee, J., Rouse, W.B.: Process mining, discovery, and integration using distance measures. In: IEEE International Conference on Web Services (ICWS’06) (2006)Google Scholar
  18. 18.
    www.processmining.org. Accessed 30 Sep 2017
  19. 19.
    Mishra, V.P., Balvinder, S.: Process Mining in Intrusion Detection—The Need of Current Digital World. Springer Nature Singapore Pte Ltd. 2017: CCIS 712, pp. 238–246 (2017)Google Scholar
  20. 20.
    Mishra, V.P., Balvinder, S.: Development of Simulator for Intrusion Detection System to Detect and Alarm the DDoS Attacks. In: IEEE International Conference on Infocom Technologies and Unmanned Systems (ICTUS’2017) (Trends and Future Directions), 10–12 December 2017 (2017)Google Scholar
  21. 21.
    Mishra, V.P., Yogesh, W., Subheshree, J: Detecting attacks using big data with process mining. Int. J. Syst. Model. Simul. 2(2), 5–7 (2017)CrossRefGoogle Scholar

Copyright information

© Springer Science+Business Media, LLC, part of Springer Nature 2018

Authors and Affiliations

  • Ved Prakash Mishra
    • 1
    Email author
  • Balvinder Shukla
    • 2
  • Abhay Bansal
    • 3
  1. 1.Amity UniversityDubaiUnited Arab Emirates
  2. 2.Amity UniversityNoidaIndia
  3. 3.Amity School of Engineering and TechnologyNoidaIndia

Personalised recommendations