Analysis of alarms to prevent the organizations network in real-time using process mining approach

The analysis of alarms in the current intrusion detection system depends upon the manual system by network administrators. Due to the manual analysis, still many organizations are facing the false alarm problem causing the performance deficiency. In this manuscript, a model has been proposed for profile-based system, which will work on real time to analyze the suspicious activities and detect the intrusion automatically. The proposed model will also analyze the alarms to detect attacks and give the automatic response to prevent in real time. Processes were compared with original log events with tempered log events and the difference was found. Our extended work will be to develop the plugin in java with the combination of proposed algorithm, which could be imbedded in the tool to get the automatic response.