• DocumentCode
    2271406
  • Title

    Anomaly-Based Intrusion Detection Using Bayesian Networks

  • Author

    Tylman, Wojciech

  • Author_Institution
    Wroclaw Univ. of Technol., Wroclaw
  • fYear
    2008
  • fDate
    26-28 June 2008
  • Firstpage
    211
  • Lastpage
    218
  • Abstract
    This paper presents an application of Bayesian networks to the process of intrusion detection in computer networks. The presented system, called Basset (Bayesian system for intrusion detection) extends functionality of Snort, an open-source NIDS, by incorporating Bayesian networks as additional processing stages. The flexible nature of this solution allows it to be used both for misuse-based and anomaly-based detection process; this paper concentrates on the anomaly-based detection. The ultimate goal is to create a hybrid, misuse anomaly based solution that will allow interaction between these two techniques of intrusion detection. Ability to alter its behaviour based on historical data is also an important feature of the described system.
  • Keywords
    belief networks; computer networks; security of data; Bayesian networks; anomaly-based detection process; anomaly-based intrusion detection; computer networks; misuse-based detection process;; open-source NIDS; Application software; Bayesian methods; Computer networks; Engines; Event detection; Intrusion detection; Open source software; Protection; Protocols; Telecommunication traffic; Bayesian networks; anomaly detection; intrusion detection;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Dependability of Computer Systems, 2008. DepCos-RELCOMEX '08. Third International Conference on
  • Conference_Location
    Szklarska Poreba
  • Print_ISBN
    978-0-7695-3179-3
  • Type

    conf

  • DOI
    10.1109/DepCoS-RELCOMEX.2008.52
  • Filename
    4573059
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2271406