Abstract
In recent years, organizations have faced the ever-growing challenge of securing their network infrastructure. An intrusion detection system is essentially a spruced-up, intelligent variant of a firewall: it performs deep packet analysis and generates alerts, but it cannot predict multistep attacks. In this work, we propose an intrusion prediction system (IPS) built as an extension of a commercial SIEM framework, namely Open Source Security Information Management (OSSIM), to perform event analysis and to predict probable future multistep attacks before they pose a serious security risk. A security information and event management (SIEM) framework supports network protection through the correlation and management of network log files. Data mining techniques are used to process all normalized data from OSSIM and to perform the classification.
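The abstract describes correlating normalized SIEM events and then using a learned model to predict the next step of a multistep attack. The following Python block is an added illustration of that pipeline and is not code from the paper or from OSSIM: it groups normalized events per source into time-bounded sessions, trains a first-order Markov transition model from constructed historical attack sequences, and predicts the most probable next stage for each live session. The field names (`ts`, `src_ip`, `category`), the stage labels, the one-hour session window, and all event data are constructed assumptions for the example.

```python
"""Toy multistep-attack predictor over normalized SIEM events.

Hypothetical example: field names, stage categories, window size and data are
constructed for illustration; nothing here is taken from OSSIM or the paper.
"""
from collections import Counter, defaultdict
from datetime import datetime, timedelta

# Constructed training corpus: attack stages observed per source in past incidents.
TRAINING_SEQUENCES = [
    ["recon", "bruteforce", "privesc", "exfil"],
    ["recon", "bruteforce", "privesc", "exfil"],
    ["recon", "bruteforce", "bruteforce", "privesc"],
    ["recon", "recon", "webexploit", "exfil"],
    ["recon", "recon"],          # a scan that went nowhere
    ["bruteforce", "privesc"],
]

# Constructed live events, already normalized (timestamp, source, stage category).
LIVE_EVENTS = [
    {"ts": "2015-01-10T10:00:00", "src_ip": "198.51.100.7", "category": "recon"},
    {"ts": "2015-01-10T10:04:00", "src_ip": "198.51.100.7", "category": "bruteforce"},
    {"ts": "2015-01-10T10:01:00", "src_ip": "203.0.113.9", "category": "recon"},
    {"ts": "2015-01-10T13:30:00", "src_ip": "203.0.113.9", "category": "recon"},  # new session
]

WINDOW = timedelta(hours=1)          # assumed session gap
CRITICAL = {"privesc", "exfil", "webexploit"}  # stages worth alerting on in advance


def train_transitions(sequences):
    """First-order Markov model: P(next stage | current stage) from counts."""
    counts = defaultdict(Counter)
    for seq in sequences:
        for cur, nxt in zip(seq, seq[1:]):
            counts[cur][nxt] += 1
    model = {}
    for cur, nxt_counts in counts.items():
        total = sum(nxt_counts.values())
        model[cur] = {n: c / total for n, c in nxt_counts.items()}
    return model


def correlate(events, window=WINDOW):
    """Group events per source into time-ordered sessions.

    A gap longer than `window` between consecutive events of one source
    closes the current session and starts a new one.
    """
    by_src = defaultdict(list)
    for e in sorted(events, key=lambda e: e["ts"]):   # ISO-8601 strings sort chronologically
        by_src[e["src_ip"]].append(e)
    sessions = {}
    for src, evs in by_src.items():
        current, last_ts = [], None
        for e in evs:
            ts = datetime.fromisoformat(e["ts"])
            if last_ts is not None and ts - last_ts > window:
                sessions.setdefault(src, []).append(current)
                current = []
            current.append(e["category"])
            last_ts = ts
        sessions.setdefault(src, []).append(current)
    return sessions


def predict_next(model, sequence):
    """Most probable next stage and its probability; (None, 0.0) if the last stage is unseen."""
    if not sequence or sequence[-1] not in model:
        return None, 0.0
    nxt, p = max(model[sequence[-1]].items(), key=lambda kv: kv[1])
    return nxt, p


def assess(model, events, threshold=0.5):
    """For the latest session of each source: (predicted stage, probability, alert flag)."""
    out = {}
    for src, sessions in correlate(events).items():
        nxt, p = predict_next(model, sessions[-1])
        out[src] = (nxt, p, nxt in CRITICAL and p >= threshold)
    return out


if __name__ == "__main__":
    model = train_transitions(TRAINING_SEQUENCES)
    for src, (nxt, p, alert) in assess(model, LIVE_EVENTS).items():
        print(f"{src}: next={nxt} p={p:.2f} alert={alert}")
```

With the constructed data, the source that moved from reconnaissance to brute force within the window is predicted to escalate to privilege escalation with probability 0.8 and raises an alert, while the source that only repeated reconnaissance hours apart is predicted to try brute force next (0.5) and does not. A real deployment would replace the hand-written corpus with labelled historical OSSIM events and tune the window and threshold against false-positive rates.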
© 2015 Springer India
About this paper
Cite this paper
Anumol, E.T. (2015). Use of Machine Learning Algorithms with SIEM for Attack Prediction. In: Jain, L., Patnaik, S., Ichalkaranje, N. (eds) Intelligent Computing, Communication and Devices. Advances in Intelligent Systems and Computing, vol 308. Springer, New Delhi. https://doi.org/10.1007/978-81-322-2012-1_24
DOI: https://doi.org/10.1007/978-81-322-2012-1_24
Publisher Name: Springer, New Delhi
Print ISBN: 978-81-322-2011-4
Online ISBN: 978-81-322-2012-1
eBook Packages: Engineering, Engineering (R0)