Abstract
In this paper, a network-based anomaly intrusion detection method using Bayesian networks estimates the probability values of behavior contexts based on Bayes' theory and indirect relation. The contexts of the network-based FTP service are represented as Bayesian networks in graphical form. We concisely profile network-based FTP behaviors using behavior contexts given by prior, posterior and indirect relation. This method makes it possible to visualize the behavior profile in order to detect and analyze anomalous behavior. We perform a simulation that translates network audit data into a Bayesian network, which serves as the network-based behavior profile for anomaly detection.
Copyright information
© 2007 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Cha, B., Lee, D. (2007). Network-Based Anomaly Intrusion Detection Improvement by Bayesian Network and Indirect Relation. In: Apolloni, B., Howlett, R.J., Jain, L. (eds) Knowledge-Based Intelligent Information and Engineering Systems. KES 2007. Lecture Notes in Computer Science, vol 4693. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-74827-4_18
DOI: https://doi.org/10.1007/978-3-540-74827-4_18
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-74826-7
Online ISBN: 978-3-540-74827-4
eBook Packages: Computer Science (R0)