Skip to main content
SpringerLink
Log in

Network-Based Anomaly Intrusion Detection Improvement by Bayesian Network and Indirect Relation

  • Conference paper
Knowledge-Based Intelligent Information and Engineering Systems (KES 2007)

Part of the book series: Lecture Notes in Computer Science ((LNAI,volume 4693))

Abstract

In this paper, Network-based anomaly intrusion detection method using Bayesian Networks was estimated probability values of behavior contexts based on Bayes theory and Indirect relation. The contexts of network-based FTP service was represented Bayesian Networks of graphic types. We profiled concisely network-based FTP behaviors using behavior context by prior, posterior and Indirect relation. And this method be able to visualize behavior profile to detect/analyze anomaly behavior. We achieve simulation to translate audit data of network into Bayesian network which is network-based behavior profile for anomaly detection.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 169.00
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 219.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Nassehi, M.: Characterizing Masqueraders for Intrusion Detection. Computer Science/Mathematics (1998)

    Google Scholar 

  2. Scott, S.L.: A Bayesian Paradigm for Designing Intrusion Detection Systems, Computational Statistics and Data Analysis (June 20, 2002)

    Google Scholar 

  3. Denning, D.E.: An Intrusion-Detection Model. IEEE Transaction on Software Engineering SE-13(2), 222–232 (1987)

    Article  Google Scholar 

  4. Shieh, S.-P., Gligor, V.D.: On a Pattern-Oriented Model for Intrusion Detection. IEEE Transaction on knowledge and Data Engineering 9(4) (July/August 1997)

    Google Scholar 

  5. Kumar, S., Spafford, E.H.: An Application of Pattern Matching in Intrusion Detection, Technical Report CSD-TR-94-013 (June 17, 1994)

    Google Scholar 

  6. Barbara, D., Couto, J., Jajodia, S., Popyack, L., Wu, N.: ADAM: Detecting Intrusions by Data Mining. In: Proceedings of the 2001 IEEE Workshop on Information Assurance and Security (2001)

    Google Scholar 

  7. Cha, B.R.: The Prototype of Bayesian framework based on XML for System Call Profiling, GESTS Int’l. Trans. Computer Science and Eng. 15(1) (2005)

    Google Scholar 

  8. Cha, B.R.: FTP Anomaly Detection Improvement by Indirection Relation and BF-XML Profiling. Journal of Convergence Information Technology 1(1) (December 2006)

    Google Scholar 

  9. Cha, B.R.: Improvement of Anomaly Intrusion Detection Performance by Indirect Relation for FTP Service. In: IWANN 2007. LNCS, vol. 4507, pp. 895–902. Springer, Heidelberg (2007)

    Google Scholar 

  10. Mahoney, M.V., Chan, P.K.: Learning Nonstationary Models of Normal Network Traffic for Detecting Novel Attacks (2002)

    Google Scholar 

  11. Mahoney, M.V., Chan, P.K.: PHAD: Packet Header Anomaly Detection for Identifying Hostile Network Traffic, Florida Institute of Technology Technical Report CS-2001-04 (2001)

    Google Scholar 

  12. http://www.ll.mit.edu/IST/ideval/data/data_index.html

Download references

Author information

Authors and Affiliations

  1. Dept. of Computer Eng., Honam Univ., Korea

    ByungRae Cha

  2. Dept. of Information & Communication Eng., Honam Univ., Korea

    DongSeob Lee

Authors
  1. ByungRae Cha
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. DongSeob Lee
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Dipartimento di Scienze dell’Informazione, Università degli Studi di Milano, Via Comelico 39/41, 20135, Milano, Italy

    Bruno Apolloni

  2. Centre for SMART Systems, School of Engineering, University of Brighton, BN2 4GJ, Brighton, UK

    Robert J. Howlett

  3. Knowledge-Based Intelligent Engineering Systems Centre, University of South Australia, Mawson Lakes, SA 5095, Adelaide, Australia

    Lakhmi Jain

Rights and permissions

Reprints and permissions

Copyright information

© 2007 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Cha, B., Lee, D. (2007). Network-Based Anomaly Intrusion Detection Improvement by Bayesian Network and Indirect Relation. In: Apolloni, B., Howlett, R.J., Jain, L. (eds) Knowledge-Based Intelligent Information and Engineering Systems. KES 2007. Lecture Notes in Computer Science(), vol 4693. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-74827-4_18

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-74827-4_18

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-74826-7

  • Online ISBN: 978-3-540-74827-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation