Authors: Pablo Garcia Bringas 1 ; Yoseba K. Penya 1 ; Stefano Paraboschi 2 and Paolo Salvaneschi 2

Affiliations: 1 University of Deusto, Faculty of Engineering - ESIDE, Spain ; 2 University of Bergamo, Faculty of Engineering, Italy

ISBN: 978-989-8111-37-1

ISSN: 2184-4992

Keyword(s): Intrusion Detection, Intrusion Prevention, Misuse Detection, Anomaly Detection, Data Mining, Machine Learning, Bayesian Networks.

Related Ontology Subjects/Areas/Topics: Applications of Expert Systems ; Artificial Intelligence ; Artificial Intelligence and Decision Support Systems ; Bayesian Networks ; Enterprise Information Systems ; Soft Computing ; Verification and Validation of Knowledge-Based Systems

Abstract: Network Intrusion Detection Systems (NIDS) aim at preventing network attacks and unauthorised remote use of computers. More accurately, depending on the kind of attack it targets, an NIDS can be oriented to detect misuses (by defining all possible attacks) or anomalies (by modelling legitimate behaviour and detecting those that do not fit that model). Still, since their problem knowledge is restricted to possible attacks, misuse detection fails to notice anomalies and vice versa. Against this, we present here ESIDE-Depian, the first unified misuse and anomaly prevention system based on Bayesian Networks to analyse network packets completely, and the strategy to create a consistent knowledge model that integrates misuse and anomaly-based knowledge. Finally, we evaluate ESIDE-Depian against well-known and new attacks, showing how it outperforms a well-established industrial NIDS.

CC BY-NC-ND 4.0

Paper citation in several formats:
Garcia Bringas, P.; K. Penya, Y.; Paraboschi, S. and Salvaneschi, P. (2008). BAYESIAN-NETWORKS-BASED MISUSE AND ANOMALY PREVENTION SYSTEM. In Proceedings of the Tenth International Conference on Enterprise Information Systems - Volume 6: ICEIS, ISBN 978-989-8111-37-1, pages 62-69. DOI: 10.5220/0001702300620069

@conference{iceis08,
author={Pablo {Garcia Bringas} and Yoseba {K. Penya} and Stefano Paraboschi and Paolo Salvaneschi},
title={BAYESIAN-NETWORKS-BASED MISUSE AND ANOMALY PREVENTION SYSTEM},
booktitle={Proceedings of the Tenth International Conference on Enterprise Information Systems - Volume 6: ICEIS},
year={2008},
pages={62-69},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0001702300620069},
isbn={978-989-8111-37-1},
}

TY - CONF

JO - Proceedings of the Tenth International Conference on Enterprise Information Systems - Volume 6: ICEIS
TI - BAYESIAN-NETWORKS-BASED MISUSE AND ANOMALY PREVENTION SYSTEM
SN - 978-989-8111-37-1
AU - Garcia Bringas, P.
AU - K. Penya, Y.
AU - Paraboschi, S.
AU - Salvaneschi, P.
PY - 2008
SP - 62
EP - 69
DO - 10.5220/0001702300620069
