کد مقاله کد نشریه سال انتشار مقاله انگلیسی نسخه تمام متن
457558 695947 2009 12 صفحه PDF دانلود رایگان
عنوان انگلیسی مقاله ISI
Predicting intrusion goal using dynamic Bayesian network with transfer probability estimation
موضوعات مرتبط
مهندسی و علوم پایه مهندسی کامپیوتر شبکه های کامپیوتری و ارتباطات
پیش نمایش صفحه اول مقاله
Predicting intrusion goal using dynamic Bayesian network with transfer probability estimation
چکیده انگلیسی

Predicting the intentions of an observed agent and taking corresponding countermeasures is the essential part for the future proactive intrusion detection systems (IDS) as well as intrusion prevention systems (IPS). In this paper, an approach of dynamic Bayesian network with transfer probability estimation was developed to predict whether the goal of system call sequences is normal or not, with early-warnings being launched, so as to ensure that some appropriate countermeasures could be taken in advance. Since complete set of system call state transfer can hardly be built in real environments, the empirical results show that the newly emerging system call transfer would have great impact on the prediction performance if we straightly use dynamic Bayesian network without transfer probability estimation. Therefore, we estimate the probability of new state transfer to predict the goals of system call sequences together with those in conditional probability table (CPT). It surmounts the difficulties of manually selecting compensating parameters with dynamic Bayesian network approach [Feng L, Guan X, Guo S, Gao Y, Liu P. Predicting the intrusion intentions by observing system call sequences. Computers & Security 2004; 23/3: 241–252] and obviously makes our prediction model more applicable. The University of New Mexico (UNM) and KLINNS data sets were analyzed and the experimental results show that it performs very well for predicting the goals of system call sequences with high accuracy and furthermore dispenses with much more manual work for selecting compensating parameters.

ناشر
Database: Elsevier - ScienceDirect (ساینس دایرکت)
Journal: Journal of Network and Computer Applications - Volume 32, Issue 3, May 2009, Pages 721–732
نویسندگان
, , , ,