An Analytic Method for Designing Countermeasures against Computer Intrusions

作     者：Joshua Ojo Nehinbe Solanke Olakunle O. Nehibe Johnson Ige 

作者机构：UK College of Business and Computing llford Essex London IG2 6NW United Kingdom Department of Computer Science Olabisi Onabanjo University Ago lwoye Nigeria Internal Control Nebson Limited Lagos Nigeria 

出 版 物：《通讯和计算机（中英文版）》 (Journal of Communication and Computer)

年 卷 期：2014年第11卷第1期

页      码：10-21页

摘      要：Detectives and intrusion analysts are facing classical challenges on how to diligently investigate intrusion logs and simultaneously lessen the problems of undervaluation, overvaluation and reevaluation of computer intrusions. Fundamentally, clustering analysis of intrusion logs can determine nature of the countermeasures that will be proposed against online intrusions under evaluation. Practically, some clustering methods can degenerate to elaborate countermeasures. In this era of Big Data, clustering can also underestimate categories of smaller relationships within an intrusion log. Besides, existing methods still confirm that several countermeasures rarely guarantee enough protection of computerized resources from computer intruders. Thus, the development of how to thwart numerous attacks in progress in single operation is a favorite topic in computer security engineering. Therefore, the purpose of this paper is to propose Intrusion Prognostic Model to descriptively and statistically describe a predictor to lessen the above issues. Furthermore, C++ programming language is used to implement the model. Evaluations on some datasets demonstrate the existence of four important probabilistic characteristics of alerts within intrusion logs. The results also explicate the existence of some extremely smaller relationships that are subsumed in other small relationships which may not necessarily generate big relationships. Finally, the results reveal that the efficacy of the proposed predictor can increase from 3.3793% to about 96.6207% accuracy during intrusion prognosis.

主 题 词：电脑入侵 解析方法 计算机资源 设计 预测模型 聚类分析 聚类方法 安全工程 

学科分类：0839[0839] 08[工学] 081201[081201] 0812[工学-测绘类] 

馆 藏 号：203115045...