Anomaly-based intrusion detection and prevention system on website usage using rule-growth sequential pattern analysis: Case study: Statistics of Indonesia (BPS) website
Authors: Yohanes Wahyu Trio Pramono, Suhardi
Published in: 2014 International Conference of Advanced Informatics: Concept, Theory and Application (ICAICTA), 2014-08-01
DOI: 10.1109/ICAICTA.2014.7005941 (https://doi.org/10.1109/ICAICTA.2014.7005941)
Citations: 12
Abstract
Websites are now widely used across the public and private sectors and are known to be the most popular system for reaching many users on many platforms through the internet. Since websites are generally placed in the public domain, there is a large chance that intruders will compromise the system at any time. cPanel raw access log data is nowadays widely used by many security tools to analyze user behavior regarding activities on the web; however, these tools commonly provide descriptive analysis rather than prescriptive analysis for prediction and estimation. In this paper, we introduce a website security protection mechanism that investigates user behavior using sequential rule-pattern analysis. Rule patterns of user behavior are created by mining the log data with sequential pattern analysis in near real time. Using an anomaly-based intrusion detection and prevention system approach, our proposed system can then predict whether user behavior is identified as a baseline pattern or a malicious pattern.