IDSdm: Intrusion Detection Systems based on Data Mining

Brief description

• ERTMD ("Evaluación de Rendimiento de Técnicas de Minería de Datos" / Evaluation of the Performance of Data Mining Techniques): it supports the comparison of the efficiency of different data mining techniques applied to intrusion detection.
• IDS-NET: it allows for the detection of potential intrusions based on a provided set of incoming communication data.
• IDS-NET-DAEMON: it is a prototype intrusion detection system based on one of these techniques (Linux daemon).

Documentation

• Analysis of requirements of the tools developed (in Spanish)
• Information about the tools developed (in Spanish)
• Other experimental results not shown in the paper (in Spanish)

Software

• GitHub repository with the source code

Videos

• Sample video showing a sample scenario with the IDS-NET-DAEMON

Snapshots

• Directory structure for the tools:
  
  
  


• Initial screen of ERTMD:
  
  
  


• Main menu of ERTMD:
  
  
  


• Example of the loading of control parameters in ERTMD:
  
  
  


• Example of results obtained with ERTMD:
  
  
  


• Example of CSV output file obtained with ERTMD:
  
  
  


• Example of use of IDS-NET:
  
  
  


• Example of CSV output file obtained with IDS-NET:
  
  
  


• Configuration file for IDS-NET-DAEMON:
  
  
  
  
  


• Unit of service file for IDS-NET-DAEMON:
  
  
  


• Example of email sent by IDS-NET-DAEMON:
  
  
  


• Example of the use of IDS-NET-DAEMON in debug mode:
  
  
  


• Control directory for IDS-NET-DAEMON:
  
  
  


• File requirements.txt for the tools developed:
  
  
  

Contributors

• Sergio Ilarri
• Fernando Tricas

• Arturo Calvera

Acknowledgments

• Project PID2020-113037RB-I00 / AEI / 10.13039/501100011033 — Next-gEnerATion dAta Management to foster suitable Behaviors and the resilience of cItizens against modErN ChallEnges (NEAT-AMBIENCE)
• Government of Aragon (COSMOS research group; last group reference: T64_23R; previous group reference: T64_20R)

Logos