User Account

All Pages

Implement an intrusion detection system in java

Assignment Help JAVA Programming
Reference no: EM13113793

You are to implement an intrusion detection system in java. We are assuming all activities are associated with the same user. Please don't implement a GUI, the only required into is at the start and the output should all be to standard out on a terminal.

You must provide compilation instructions for your program and the produced program should be IDSE. It should run with the command:
IDSE Events.txt Base-Data.txt Test-Events.txt where the three files do not need to have those names but will follow the formats given below. A Java program should run with Java in front of the command.

There are some files that you will work from. An example of each and the generic structure of each are provided. Examples of the required output will be demonstrated.

A specific example of the first file, Events.txt is
5
Logins:2:Total time online:1:Emails sent:1:Orders processed:1:
Pizza's ordered online:0.5:
The general format is
Number of monitored events
Event-1:Weight-1:Event-2:Weight-2:Event-3:Weight-3:Event-4:Weight-4:
Event-5:Event-5: ....:

Only four events are recorded per line. There will be multiple lines, as many as are necessary to give the details of the specified Number of Monitored Events. Number of Monitored Events will be a positive integer no greater than 20.

The second file, Base-Data.txt contains data based on measuring output associated with the events described in the file Events.txt. Part of a specific example of the second file, associated with the specific example of the first file above, is:
3:290:61:148:2:
2:370:50:173:4:
5:346:87:131:1:
.
.
.
3:325:60:145:5:

The general format for a single line of the file is Measure-Event-1:Measure-Event-2:Measure-Event-3:....:

Measure-Event-Number of monitored events:

Each line contains the measures from a particular day. Each entry is the value associated with that event on a particular day. You can assume that all measures of an event have the same units. The units are assumed to be known and you do not need to report them. The intrusion detection is based on standard deviations.

The third file, Test-Events.txt, has the same form as Base-Data.txt, but each line is to be processed and tested against the base profile. Each corresponds to a days activity. These lines are not to be taken into account in determining the baseline behavior of

the user. A specific example is:
5:387:75:120:2:
1:123:25:50:5:

The general format for a single line of the file is

Measure-Event-1:Measure-Event-2:Measure-Event-3:....:Measure-Event-Number of monitored events:

What do you need to do?

1. Read in the first two files, produce a base profile, and report it, as in the example below. As mentioned earlier, this is all assumed to be for a single user. You have been given the event names and the weights in the first file, Events.txt. You need to calculate the average and standard deviation (stdev) based on the data given in the second file, Base-Data.txt. The average and standard deviation should be listed to two decimal places only.

Event Average Stdev Weight
Logins 4.50 1.25 2
Total time online 287.15 42.12 1
Emails sent 65.40 30.71 1
Orders processed 150.73 20.13 1
Pizza's ordered online 2.03 1.06 0.5

Your output doesn't need to follow this exact format but it should be clear.

2. Calculate a threshold for detecting an intrusion. The threshold is 2*(Sums of weights). This should be reported. For the table above we have Threshold 11

Your output doesn't need to follow this exact format but it should be clear.

3. For each item in the third file, Test-Events.txt, you need to report on whether the there is an intrusion detected. You do this by measuring adding up the weighted number of standard deviations each specific tested event value is from the average for that event, where the standard deviation and average are those you have generated from the base data and reported. For example, if 2 Logins occur in a day, we are 2 standard deviations from the average. Since Logins have a weight of 2 this contributes a distance 4 to our measure. For each event you should report the distance value and whether or not an alarm is raised.

Line 1 -- 5:387:75:120:2: Distance: ... Alarm: No
Line 2 -- 1:123:25:50:5: Distance: ... Alarm: Yes Yes Yes
Again, your output doesn't need to follow this exact format but it should be clear.

note: The program should be running using windows command prompt,you should meet the requirement,and create a read me txt file, and capture some pictures to show you how you figure out it in a word document.

Reference no: EM13113793

Questions Cloud

Information regarding test value : A pizza store chain wants to see which pizza toppings customers seem t olike the best. A random sample of people were asked about their pizza preferences.
What happen if demand is normally distributed : If demand is normally distributed, a basic EOQ is appropriate. a single-period model could not be appropriate. we should produce to fill demand, rather than filling it through orders.
How protein differ from nucleic acid informational molecule : What evidence would then have lead researchers to conclude that protein is the heritable material? how would protein differ from nucleic acids as informational molecule?
Explain gallo socially responsible by supplying dessert wine : Explain Is Gallo being socially responsible by supplying dessert wines? What responsibility does Gallo have to consumers in furnishing dessert wines?
Implement an intrusion detection system in java : You are to implement an intrusion detection system in java. Calculate a threshold for detecting an intrusion. The threshold is 2*(Sums of weights).
What would elucidate this divergence in margins : National cereal manufacturers receive high margins for many of their cereals, often ranging from 60-75 percent. By contrast, the large retail grocery chains (Kroger, Safeway, etc.) that sell cereal make much smaller margins. What would elucidate ..
How do you suspect such modifications : Although several different mammalian species have been cloned, the efficiency of this process is extremely low. Often tens or even hundreds of oocytes must be implanted with donor nuclei to obtain one healthy live birth.
Perform a one-tailed hypothesis test : Conduct a one-tailed hypothesis test given the information below. A certain brand of fluorescent light tube was advertised as having an effective life span before burning out of 4000 hours.
Expalin how does a binding arbitration work : Expalin how does a binding arbitration work? Should companies be allowed to adopt a binding arbitration requirement for their current employees in which employees surrender their rights to litigate empoyment disputes through the court system?

Reviews

Write a Review

JAVA Programming Questions & Answers

  User session mgr - socket and thread programs

User Session Mgr - Socket and Thread Programs

  Input pairs of natural numbers

Java program to input pairs of natural numbers.

  Implement the application using a singly linked list

Implement the following application using a singly linked list. This application accepts from console and stores a list of 10 names of your friends in the singly linked list

  Write a recursive instance method

Write a recursive instance method

  Write java program which simulates flipping of coin

Write a Java program which simulates flipping of coin 1000 times and prints total number of heads and tails. You should create a class.

  Explain java-oriented microprocessors presented by sun

Research the latest Java-oriented microprocessors presented by Sun. In what ways are they optimized to implement Java programs?

  Write a program that simulate n rolls of six-sided die

Write a program that simulate n rolls of six-sided die and displays the frequency of occurrence of each side and What is the most likely method signature of the "parseInt() - TNE60003

  Design an abstract data type in java

Design an abstract data type in Java that represents a musical pitch

  Simulate a simple multiuser computer system

Prepare a java program to simulate a simple multiuser computer system

  Mvc pattern and servlet

When you use the MVC pattern, the controller directs the flow of control to

  How to access to elements of document object model

To limit creation of malicious code, do you believe that access to elements of document object model and some Javascript functionality be limited?

  Write java program which will permit user to make selection

Write the Java Program which will permit the user to make selection. You will present user with two options to perform, then you will perform action selected by user.

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd