Network intrusion detection in an enterprise: Unsupervised analytical methodology

Abstract

Be it an individual, or an organization or any government institution, cyber-attack has no boundaries. Cyber-attacks in the form of Malware, Phishing and Intrusion into an enterprise network have become more prevalent these days. With advancement in technology, the number of connected devices has increased vastly leading to storage of very sensitive data belonging to different entities. Cybercriminals attempt to access this data as it is very lucrative for them to monetize this information. Due to the sophistication in technology used by cybercriminals, these attacks have become more difficult to detect and handle, making it a major challenge for governments and various enterprises to protect their sensitive data. Traditional detection methods such as antivirus and firewalls are limited only to known attacks, i.e., the attacks which have occurred in the past. Nowadays the growing advancement in the field of technology has led to unique and different types of attacks for which the traditional detection methods fail. In this paper, we will propose our methodology of Intrusion detection which will be able to handle such threats in near real time.