
Analysis of alarms to prevent the organizations network in real-time using process mining approach

Published in Cluster Computing

Abstract

Alarm analysis in current intrusion detection systems depends on manual review by network administrators. Because of this manual analysis, many organizations still face a false-alarm problem that degrades performance. In this manuscript, a profile-based model is proposed that works in real time to analyze suspicious activity and detect intrusions automatically. The proposed model also analyzes the alarms to detect attacks and issues an automatic response to prevent them in real time. Processes mined from the original log events were compared with those mined from tampered log events, and the differences were identified. Our future work is to develop a Java plugin implementing the proposed algorithm, which could be embedded in the tool to produce the automatic response.
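The abstract's core step is a process-mining comparison: a process model is discovered from the original event log, a tampered log is replayed against it, and the deviations become alarms. The following is an added illustration written for this page, not code from the paper or its authors; it stands in for the process-mining tool with the simplest model a process-mining tool discovers, a directly-follows graph, and uses constructed session logs of (case id, activity) pairs rather than any data from the study.

```python
from collections import defaultdict

# Constructed sample logs (not from the paper). Each event is (case_id, activity),
# recorded in order; a case is one user session from login to logout.
BASELINE_LOG = [
    ("s1", "login"), ("s1", "read"), ("s1", "write"), ("s1", "logout"),
    ("s2", "login"), ("s2", "read"), ("s2", "logout"),
    ("s3", "login"), ("s3", "write"), ("s3", "read"), ("s3", "logout"),
]

# A constructed tampered log: s5 contains an activity never seen in the baseline
# and s6 performs an activity between write and logout that the baseline never had.
TAMPERED_LOG = [
    ("s4", "login"), ("s4", "read"), ("s4", "logout"),
    ("s5", "login"), ("s5", "escalate"), ("s5", "write"), ("s5", "logout"),
    ("s6", "login"), ("s6", "write"), ("s6", "delete_audit"), ("s6", "logout"),
]

# Artificial start/end markers so the first and last activity of a case are checked too.
START, END = "<start>", "<end>"


def traces(log):
    """Group events by case id, preserving order: {case_id: [activity, ...]}."""
    by_case = defaultdict(list)
    for case, activity in log:
        by_case[case].append(activity)
    return dict(by_case)


def discover_dfg(log):
    """Discover a directly-follows graph: the set of (a, b) pairs where b
    immediately follows a in at least one case of the log."""
    edges = set()
    for activities in traces(log).values():
        seq = [START] + activities + [END]
        edges.update(zip(seq, seq[1:]))
    return edges


def conformance(model, log):
    """Replay each case of `log` against the discovered `model`.
    Returns {case_id: [(a, b), ...]} listing the transitions of each
    non-conforming case that the model never observed."""
    deviations = {}
    for case, activities in traces(log).items():
        seq = [START] + activities + [END]
        unseen = [edge for edge in zip(seq, seq[1:]) if edge not in model]
        if unseen:
            deviations[case] = unseen
    return deviations


def alarms(deviations):
    """Turn conformance deviations into one alarm line per case, which is the
    point where an automatic response would be triggered."""
    return [
        f"ALARM case={case}: unexpected transitions {' ; '.join(f'{a}->{b}' for a, b in edges)}"
        for case, edges in sorted(deviations.items())
    ]


if __name__ == "__main__":
    model = discover_dfg(BASELINE_LOG)
    for line in alarms(conformance(model, TAMPERED_LOG)):
        print(line)
```

Replaying the baseline against its own model yields no deviations, while the tampered log flags only the two sessions whose transitions the baseline never produced; a real deployment would mine the model from a much longer clean period and may need to tolerate rare but legitimate transitions to keep the false-alarm rate down.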




Acknowledgements

I sincerely thank my parents, wife, guide, friends and colleagues, who encouraged me to write this manuscript. Thanks to Dr. Ishu Sharma, who helped and supported me in this.

Corresponding author

Correspondence to Ved Prakash Mishra.


About this article


Cite this article

Mishra, V.P., Shukla, B. & Bansal, A. Analysis of alarms to prevent the organizations network in real-time using process mining approach. Cluster Comput 22 (Suppl 3), 7023–7030 (2019). https://doi.org/10.1007/s10586-018-2064-8


  • DOI: https://doi.org/10.1007/s10586-018-2064-8
