By Topic

Intensive Use of Bayesian Belief Networks for the Unified, Flexible and Adaptable Analysis of Misuses and Anomalies in Network Intrusion Detection and Prevention Systems

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

1 Author(s)
Pablo Garcia Bringas ; University of Deusto, Spain

This paper describes the ESIDE-Depian intrusion detection and prevention system, which uses Bayesian structural and parametric learning and also evidence propagation and adaptation, in order to improve the accuracy and manageability of network intrusion detection systems (NIDS). Current NIDS do not consider the two main detection paradigms, i.e. misuse detection and anomaly detection, in an unified style, so the analysis is not inherently complete. Besides, historical data are not generally used, neither for analysis nor for sequential adaptation of the knowledge representation models used for detection; hence this wealthy information about the essence and the potential trends of the target system is not commonly considered. Thus, by the generalized use of Bayesian belief networks, ESIDE-Depian achieves the main goal of detecting and preventing both well-known and also zero-day attacks with excellent results, by means of unified real-time analysis of network traffic.

Published in:

18th International Workshop on Database and Expert Systems Applications (DEXA 2007)

Date of Conference:

3-7 Sept. 2007