E-NIPS: An Event-Based Network Intrusion Prediction System

Authors: Pradeep Kannadiga, Mohammad Zulkernine, Anwar Haque

DOI: 10.1007/978-3-540-75496-1_3

Keywords: Host-based intrusion detection system, Robust random early detection, Penetration (warfare), Network security, Data mining, Event (computing), Set (abstract data type), Anomaly-based intrusion detection system, Intrusion detection system, Computer science

Abstract: Intrusion detection systems (IDSs) can detect and respond to various attacks. However, they cannot all attacks, are not capable of predicting future In this research, we propose an automatic intrusion prediction system (IPS) called E-NIPS (Event-based Network Prediction System) that only attacks but also predict probable We have utilized network penetration scenarios partitioned into multiple phases depending on the sequences follow during penetrations. Each these consists attack classes precursors next phase. An class is a set same objectives, categorized generalize reduce burden engine alerts correlation tasks. Future predicted based detected in earlier phase scenario. Automatic provides little very crucial time required for fortifying networks against warns administrators about possible reduces damage caused due paper, describe architecture, operation, implementation E-NIPS. The prototype evaluated some most commonly occurring scenarios. experimental results show automatically useful information occurrence events.
