Title :
A Framework for an Adaptive Intrusion Detection System using Bayesian Network
Author :
Jemili, Farah ; Zaghdoud, Montaceur ; Ben Ahmed, M.
Author_Institution :
Manouba Univ., Manouba
Abstract :
The goal of a network-based intrusion detection system (IDS) is to identify malicious behavior that targets a network and its resources. Intrusion detection parameters are numerous and in many cases they present uncertain and imprecise causal relationships which can affect attack types. A Bayesian Network (BN) is known as graphical modeling tool used to model decision problems containing uncertainty. In this paper, a BN is used to build automatic intrusion detection system based on signature recognition. The goal is to recognize signatures of known attacks, match the observed behavior with those known signatures, and signal intrusion when there is a match. A major difficulty of this system is that intrusions signatures change over the time and the system must be retrained. An IDS must be able to adapt to these changes. The goal of this paper is to provide a framework for an adaptive intrusion detection system that uses Bayesian network.
Keywords :
belief networks; computer networks; digital signatures; pattern matching; telecommunication security; Bayesian network; adaptive intrusion detection system; computer network; graphical modeling tool; malicious behavior; pattern matching; signature recognition; Adaptive systems; Bayesian methods; Computer networks; Intrusion detection; Laboratories; Operating systems; Protection; TCPIP; Telecommunication traffic; Traffic control; Adaptive intrusion detection; bayesian network; inference; learning algorithm; learning dataset;
Conference_Titel :
Intelligence and Security Informatics, 2007 IEEE
Conference_Location :
New Brunswick, NJ
Electronic_ISBN :
1-4244-1329-X
DOI :
10.1109/ISI.2007.379535
