Refine your search
Collections
Co-Authors
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z All
Trivedi, Bhushan
- An Algorithm to Implement Dynamic Access Control Using Anomaly Based Detection with VLAN Steering
Abstract Views :500 |
PDF Views:2
Authors
Source
National Journal of System and Information Technology, Vol 3, No 2 (2010), Pagination: 156-165Abstract
Intrusion Detection and Prevention Systems, IDPS, are mature network level defenses deployed in thousands of computer networks worldwide. The basic difference between detection and prevention technique lies in how it provides protection for network environments. An IDS monitors logged data and compares it with attack signatures to detect unwanted access. For such identification, IDS normally uses signatures or any unique characteristics of such attacks. In this paper, we have designed an algorithm to achieve dynamic access control. Dynamic access control requires implementation of three functionalities: traffic monitoring, validation and policy enforcement. In this algorithm, traffic monitoring and validation is done using anomaly based detection during access. For policy enforcement and preventing attacks, we have chosen VLAN Steering method. The reason for choosing VLAN steering is that it can be used with both out-of-band approach as well as in-band approach also. We need to implement both approaches to achieve access control dynamically. It helps to prevent insider as well as outsider attacks to a network. To prove the concept of blocking a malicious host after it is successfully admitted in a network, we present an example and a working algorithm for anomaly based detection. This algorithm uses IDS logged data from database for traffic monitoring and validation. It also updates signatures stored in signature database. An IPS sensor helps perform VLAN Steering in our system for quarantining suspicious hosts.References
- Dain, O. and Cunningham, R 2001.Fusing a heterogeneous alert stream into scenarios. In proceedings of the 2001 workshop on Data Mining for Security Applications. 1-13
- Kumar, S and Spafford, E.H. 1994. A pattern matching model for misuse intrusion detection. In proceedings of the 17’Th National Computer Security Conference 11- 21.
- Peng Ning, Yun CUI, Douglas Reeves and Dingbang XU, 2004 ACM Transactions on Information and Security, Techniques and Tools for analyzing intrusion alerts.
- www.snort.org
- Subramanian Neelakantan & Shrisha Rao, A threat aware anomaly-based IDS for obtaining network specific useful alarms.
- Expert System Implemented for Problem Solving in Commerce/business Domain
Abstract Views :472 |
PDF Views:2
Authors
Source
National Journal of System and Information Technology, Vol 4, No 2 (2011), Pagination: 132-142Abstract
The application of Expert Systems in commerce/business domain is relatively new research area. The rapid growth of artificial intelligence has lead to the development and implementation of expert systems for the purpose of commerce/business problem solving. This generated a need for analysis and review of Expert Systems in commerce/business domain. Here a few expert systems already implemented in the area of resource allocation/ space utilization are reviewed. In addition, analysis is provided based on the following factors: Objective of system, need for the system, development environment, heuristics used, user interaction, knowledge base, explanation facility, inference engine, knowledge update facility, performance evaluation, and category of expert system. At the end, comparisons between expert systems based on the above factors are provided. Though complete comparison is not possible, because each expert system is supposed to be expert in its own domain and work in the specified domain with given constraints. Still comparison enabled me to identify the factors which should be considered for the development of expert system in human resource area. The main objective of the analysis and review is to be acquainted with knowledge to develop Expert System in other domains. At the end of the paper, guidelines for developing Expert Systems are presented.Keywords
Expert Systems, Explanation Facility, Inference Engine, Knowledge Update Facility, Resources AllocationReferences
- David Rolston, (1988), “principles of artificial intelligence and expert systems development”, Tata McGraw Hill, Chap-1, page 1.
- Davis, (1985), “problem solution with expert system”, Texas instruments, Dallas.
- Ehud Gudes, Tsvi Kuflik and Amnon Meisels, (1990), “An Expert System Based Methodology for Solving Resource Allocation Problems”, ACM 089791-372- 8/90/007/0309.
- Ron Lemaster, (1990), “ALEX- An Expert System for Truck Loading”, IBM Commercial Systems Integration Boulder, ACM 089791-372-8/90/0007/0638.