By Topic

Misuse-Based Intrusion Detection Using Bayesian Networks

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

1 Author(s)
Wojciech Tylman ; Wroclaw Univ. of Technol., Warsaw

This paper presents an application of Bayesian networks to the process of intrusion detection in computer networks. The presented system, called Basset (Bayesian system for intrusion detection) extends functionality of Snort, an open-source NIDS, by incorporating Bayesian networks as additional processing stages. The flexible nature of this solution allows it to be used both for misuse-based and anomaly-based detection process; this paper concentrates on the misuse-based detection. The ultimate goal is to provide better detection capabilities and less chance of false alarms by creating a platform capable of evaluating Snort alerts in a broader context - other alerts and network traffic in general. An ability to include on-demand information from third party programs is also an important feature of the presented approach to intrusion detection.

Published in:

Dependability of Computer Systems, 2008. DepCos-RELCOMEX '08. Third International Conference on

Date of Conference:

26-28 June 2008