ABSTRACT: Now a day’s lot of the users use ids and password as login pattern forthe authenticate users. However making patterns is weakest point of computersecurity as so many user share the login pattern with the co-workers for thecompleted co-task, inside attacker is attacked internally and it will be validattacker of system, As using intrusion detection systems and firewalls identifyand isolate harmful behaviors generated from the outside world we can find outinternal attacker of the system only. In some of the studied define examine thatsystem calls generated by some commands and these command help to find detectaccurate attacks, and attack patterns are the features of an attack. However inthe paper security System define as the Internal Intrusion Detection andProtection System (IIDPS), is help to detect internally attacks by using datamining and forensic technique at SC level. For the track the information of users usages the IIDPS creates users’personal profiles as their forensic features and investigate that the validlogin user is account holder can login or not by comparing his/her currentcomputer usage behaviors with the patterns collected in the account holder’spersonal profile. The experimental results demonstrate that the IIDPS’s useridentification accuracy is 94.29%, whereas the response time is less than 0.45s, implying that it can prevent a protected system from insider attackseffectively and efficiently.
KEYWORDS:Data mining, insider attack, intrusiondetection and protection, system call (SC), users’ behaviors.