Project Description: Intrusion detection is the art of detecting and responding to resource misuse. An intrusion detection system (IDS) assists in managing threats and vulnerabilities in the changing environment of the network. Data mining methods have been used to build automatic intrusion detection systems based on anomaly detection. Data mining attempts to extract implicit, previously unknown, and potentially useful information from data. A data mining-based IDS helps alleviate the problem of automatically detecting anomalous patterns in large volumes of audit data.
A web-based data mining tool for analyzing intrusions has been developed. The tool describes the behavioral forensics in intrusion detection. It finds anomalous activity that uncovers a real attack process and identifies long and ongoing patterns. It analyzes host-based traffic features, time-based traffic features, protocol-based traffic features, and the associated intrusions. With the help of this tool, rules can be generated to capture the behavior of both intrusions and normal activity.