| Network based intrusions have become a serious threat to today's highly networked information systems, requiring researchers to develop methods to detect attacks on the network. Two approaches that are used for analyzing whether there is any intrusion or attacks in a network are passive and active. The passive approach is a defensive mechanism which uses encryption, network security, firewalls and intrusion sensors built into Intrusion Detection Systems (IDSs). Whereas an active approach, such as data mining techniques, gives the network administrator the means to accurately track, monitor and detect an attacker. In this research, an active approach, using data extraction techniques, is used to analyze network activity.; The approach implemented in this research is based on statistical mathematical tools and any prior knowledge of the data being gathered to detect an attack on the network. This approach also uses visualization techniques such as graphs and plots to analyze the network events. (Abstract shortened by UMI.)... |
