
Intrusion Detection using Log Datasets Based on Severity in Machine Learning

Authors: Greshma P Sebastian and Gopika Chingan

Abstract:

Protecting information from cyber-attacks has become an ongoing challenge for businesses. One solution to this problem is a network security operating system, which monitors logs for unusual traffic and can prevent security incidents. However, these systems generate massive amounts of logs, so an automated method is required to identify potential cyber-attacks. One such method is a log-based intrusion detection system, which predicts the presence or absence of attacks by analyzing selected features from the collected logs. The effectiveness of various machine learning algorithms is tested to determine the best one for intrusion detection.
Key features are identified from logs collected from various sources, and the best machine learning algorithm is selected based on the results of the testing. The goal is an effective system that can detect potential attacks in real time, classify the events, and minimize false alarms to improve overall security operations. In summary, a log-based intrusion detection system is a powerful tool for businesses to safeguard their information from cyber-attacks by using machine learning algorithms to analyze the logs. By testing various algorithms, the best one is selected to ensure the most effective and efficient detection of intrusions.

Keywords:

Intrusion detection, machine learning, logs, security