Date of Award
Master of Science in Electrical Engineering - (M.S.)
Electrical and Computer Engineering
Constantine N. Manikopoulos
In the current intrusion detection world, most intrusion detection systems output data into flat files. This project was conducted in order to improve intrusion detection data and alerts by writing them into a database system and analyzing them with SQL. A database plug-in was developed that helps to transition the data from an intrusion detection system to a database. Storing, analyzing, categorizing, and accessing data are major advantages and reasons for using databases in intrusion detection. Security analysts have to constantly perform the difficult task of sorting through a haystack of attack alerts, many of which turn out to be inaccurate. It is possible to make the job of managing these alerts, analyzing data with high precision, and searching for attacks or intrusions easier by using SQL based analysis. In addition, a statistical analysis was conducted and proved that such a method can be effective in detecting intrusions and increasing the security of the network.
Zakhalyavko, Dmytro, "Detection of denial of service attacks using database queries" (2004). Theses. 585.