
Intruder Detection System Over Abnormal Internet Sequence

This document describes the design and implementation of a mini search engine. It discusses storing documents in files and indexing them using hashing functions for easier retrieval. It also discusses searching the indexed documents using trees, such as AVL or balanced binary search trees, and storing lists of documents for each word. Boolean queries with AND and OR operators will be supported to retrieve documents matching the keywords.

Introduction
This paper reports the design principles and evaluation results of a new experimental hybrid intrusion detection system (HIDS). The hybrid system combines the low false-positive rate of a signature-based intrusion detection system (IDS) with the ability of an anomaly detection system (ADS) to detect novel, unknown attacks.
By mining anomalous traffic sequences from Internet connections, we build an ADS that detects anomalies beyond the capabilities of the signature-based SNORT or Bro systems. A weighted signature generation scheme is developed to integrate the ADS with SNORT by extracting signatures from the anomalies detected.
HIDS extracts signatures from the output of the ADS and adds them to the SNORT signature database for fast and accurate intrusion detection. We tested our HIDS scheme over real-life Internet trace data mixed with 10 days of the Massachusetts Institute of Technology/Lincoln Laboratory (MIT/LL) attack data set. Our experimental results show a 60 percent detection rate for the HIDS, compared with 30 percent and 22 percent for the SNORT and Bro systems, respectively.
This sharp increase in detection rate is obtained with less than 3 percent false alarms. The signatures generated by the ADS upgrade the SNORT performance by 33 percent. The HIDS approach proves the viability of detecting intrusions and anomalies simultaneously by automated data mining and signature generation over Internet connection sequences.

SYSTEM REQUIREMENTS
HARDWARE REQUIREMENTS
Processor : Intel Pentium IV
RAM : 512 MB
Hard Disk : 40GB

SOFTWARE REQUIREMENTS
Operating System : Windows 98, 2000, XP
Tools : JDK 1.5.0
Technologies : Java Swing, JDBC, Servlets

Implementation Of a Mini Search Engine
Introduction

In this project, we will design and implement a mini search engine
that is used to search through a collection of documents. The data
structures used are files for storing, hash tables for indexing and
trees for searching the documents.

The documents will be stored using files and given a set of texts and a
query, the search engine will locate all the documents that contain
the keywords in that query. The purpose of this project is to provide
an overview of how a search engine works and to gain hands-on
experience in using hash tables, files and trees.

Indexing

The documents stored as files will be indexed based on their
words/tokens using hashing functions. This is done in order to make it
easier to retrieve the required documents.

Searching
Searching will be done using trees; depending on the efficiency and
complexity of the algorithm, we will use AVL trees or balanced binary
search trees. To allow efficient searching, a list of the documents in
which each word occurs will be stored. Queries may contain the simple
Boolean operators AND and OR, which behave like the well-known
analogous logical operators. For each such query, the documents that
satisfy the query will be displayed.

For instance, a query:

Keyword1 AND Keyword2 -- should retrieve all documents that
contain both these keywords (elements).

Keyword1 OR Keyword2 -- instead will retrieve documents that
contain either one of the two keywords.
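
The indexing and Boolean search described above, as an added example that is not part of the original document: a Python dict stands in for the hash table, and sorted per-word document lists are merged to answer AND/OR queries. The sample documents, the function names and the left-to-right evaluation order are assumptions, and the AVL or balanced search tree the text mentions is not implemented here.

```python
import re

# Constructed sample documents (not from the original page).
DOCS = {
    1: "Snort matches packets against known attack signatures",
    2: "Anomaly detection flags traffic that deviates from normal profiles",
    3: "A hybrid system feeds anomaly output back into Snort signatures",
}

def tokenize(text):
    """Lower-case the text and split it into alphanumeric tokens."""
    return re.findall(r"[a-z0-9]+", text.lower())

def build_index(docs):
    """Hash table (dict): token -> sorted list of ids of documents containing it."""
    index = {}
    for doc_id in sorted(docs):              # ascending ids keep each list sorted
        for token in set(tokenize(docs[doc_id])):
            index.setdefault(token, []).append(doc_id)
    return index

def intersect(a, b):
    """AND: linear merge of two sorted posting lists."""
    out, i, j = [], 0, 0
    while i < len(a) and j < len(b):
        if a[i] == b[j]:
            out.append(a[i])
            i, j = i + 1, j + 1
        elif a[i] < b[j]:
            i += 1
        else:
            j += 1
    return out

def search(index, query):
    """Evaluate 'w1 AND w2 OR w3 ...' strictly left to right (no parentheses)."""
    parts = query.split()
    if len(parts) % 2 == 0:                  # empty query or dangling operator
        raise ValueError("query must be: word (AND|OR word)*")
    result = index.get(parts[0].lower(), [])
    for op, word in zip(parts[1::2], parts[2::2]):
        postings = index.get(word.lower(), [])
        if op.upper() == "AND":
            result = intersect(result, postings)
        elif op.upper() == "OR":
            result = sorted(set(result) | set(postings))
        else:
            raise ValueError(f"unsupported operator: {op}")
    return result
```

A keyword that appears in no document yields an empty list, so it empties an AND result and leaves an OR result unchanged.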
