IJCATR Volume 9 Issue 2

A Hybrid Data Loss Detection and Prevention Framework Using Snort Signature Based Detection System and Knowledge Based Anomaly Detection System

Henry Gekone Ondieki, Dr. Kennedy Ogada, Prof. Wilson Cheruiyot
DOI: 10.7753/IJCATR0902.1005
Keywords: Hybrid Data Loss Detection, Snort Signature Based Detection System, Knowledge Based Anomaly Detection System

In the modern era, data has become part and parcel of daily life and business. As a result, data security has emerged as a major concern, particularly the prevention of data leakage and data loss. Preventing unauthorized access to data has become a major factor affecting the survival of organizations today because of the consequences that can arise when data falls into the wrong hands. For instance, the credibility and trustworthiness of a company is called into question when sensitive data is accessed by unauthorized people. Existing traditional data security methods have not been sufficient to prevent the loss and leakage of sensitive data. This calls for the development of a new and improved data security architecture, creating the new data leakage prevention systems (IDSs/IPSs). Burgeoning research has seen new innovations and increased funding towards the improvement of data security architecture. This study makes a contribution through the use of DLPs to propose a hybrid data loss detection and prevention system. Signature-based solutions identify the attacker accurately and are thus suitable for prevention, but they cannot be used when the attacker is unknown or attacks the system through a different path. Anomaly-based solutions can detect an unknown attacker, but their false positive rate is high, which limits their deployment on systems. For this reason, in this thesis we propose a hybrid system that combines signature-based and anomaly-based solutions to enable the detection and prevention of data loss.
@article{h922020ijcatr09021005,
Title = "A Hybrid Data Loss Detection and Prevention Framework Using Snort Signature Based Detection System and Knowledge Based Anomaly Detection System",
Journal ="International Journal of Computer Applications Technology and Research(IJCATR)",
Volume = "9",
Issue ="2",
Pages ="65 - 71",
Year = "2020",
Authors ="Henry Gekone Ondieki, Dr. Kennedy Ogada, Prof. Wilson Cheruiyot"}
  • The system consists of several application-based intrusion detection systems
  • This is an adaptive hybrid data loss detection and prevention intrusion detection system
  • Encompasses a component for applications with no specialized intrusion detection
  • This is a Signature-based Detector system.