• DocumentCode
    1587584
  • Title
    A Probabilistic Approach for Network Intrusion Detection
  • Author
    Khor, Kok-Chin ; Ting, Choo-Yee ; Amnuaisuk, Somnuk-Phon
  • Author_Institution
    Fac. of Inf. Technol., Multimedia Univ., Cyberjaya
  • fYear
    2008
  • Firstpage
    463
  • Lastpage
    468
  • Abstract
    This study aims to propose a probabilistic approach for detecting network intrusions using Bayesian networks (BNs). Three variations of BN, namely naive Bayesian network (NBC), learned BN, and handcrafted BN, were evaluated, from which an optimal BN was obtained. A standard dataset containing 494020 records, a category for normal network traffic, and four major attack categories (denial of service, probing, remote to local, user to root and normal) was used in this study. The dataset went through an 80-20 split to serve the training and testing phases. 80% of the dataset was treated with a feature selection algorithm to obtain a set of features, from which the three BNs were constructed. During the evaluation phase, the remaining 20% of the dataset was used to obtain the classification accuracies of the BNs. The results show that the handcrafted BN, in general, outperformed NBC and learned BN.
  • Keywords
    Bayes methods; belief networks; computer networks; security of data; telecommunication security; classification accuracies; feature selection algorithm; handcrafted Bayesian Network; learned Bayesian network; naive Bayesian networks; network intrusion detection; normal network traffics; Artificial intelligence; Bayesian methods; Computer networks; Data security; Intrusion detection; Niobium compounds; Performance evaluation; Random variables; Telecommunication traffic; Testing; Bayesian AI; Network Intrusion Detection;
  • fLanguage
    English
  • Publisher
    IEEE
  • Conference_Titel
    Modeling & Simulation, 2008. AICMS 08. Second Asia International Conference on
  • Conference_Location
    Kuala Lumpur
  • Print_ISBN
    978-0-7695-3136-6
  • Electronic_ISBN
    978-0-7695-3136-6
  • Type
    conf
  • DOI
    10.1109/AMS.2008.92
  • Filename
    4530520