Improving Accuracy in Decision Making for Detecting Intruders
Normal host based Intrusion detection system provides the user some alerts of data integrity breach on the basis of policy violation and unauthorized access. There are some factors responsible if any employees of the enterprise access some files on which basis policy and permissions are applied. If these are incorrectly applied then false positive rate of intrusion detection increases. To minimize this rate and to better understand about the user who access unauthorized file, a framework is proposed which assemble data and information from diverse devices, and a special active record will be created, which will help the administrator to take better decision which will improve accuracy in decision making and more supportive policies and permissions can be implemented on intrusion detection system.