Process Mining in Intrusion Detection-The Need of Current Digital World


Bibliographic Details
Published in: Advanced Informatics for Computing Research, Vol. 712; pp. 238-246
Main Authors: Mishra, Ved Prakash; Shukla, Balvinder
Format: Book Chapter
Language: English
Published: Singapore, Springer, 2017
Springer Singapore
Series: Communications in Computer and Information Science
ISBN: 9789811057793
9811057796
ISSN: 1865-0929
1865-0937
DOI: 10.1007/978-981-10-5780-9_22

Summary: In the current digital age, Internet and network users as well as organizations suffer from intrusions that result in theft or loss of data and information. This manuscript discusses the concept of an intrusion detection system (IDS) along with its types and basic approaches. It is found that signature analysis, expert systems, data mining, etc. are still used for IDS. A survey of cybercrime incidents across various industry sectors is given. After analyzing the attacks on the networks of organizations in different industry sectors, it is found that attacks like DDoS are still not preventable. A comparison of data mining algorithms used for intrusion detection was also done. Various methods to implement the algorithm, along with their advantages and disadvantages, are also discussed in detail. Because of disadvantages such as overfitting, slow testing speed, unstable algorithms, etc., intruders in the network are still active. To avert these shortcomings, there is a need to develop a real-time intrusion detection and prevention system through which data and information can be protected and saved on a real-time basis before a severe loss is experienced. Real-time prevention is possible only if alerts are received instantly, without delays. For this purpose, process mining could be used. This technique gives instant alerts with real-time analysis so as to prevent intrusions and data loss.