Abstract
In recent years, network technology has developed rapidly. However, the Internet has been subject to a variety of attacks. Several notable attack events have been reported, such as those involving the use of flooding flows on widely used message boards, installation of malware in an automated teller machine to steal more than 80 million, and use of WannaCry to encrypt users’ files and request for ransoms. The majority of the attacks cannot be defended using single methods. Network-based intrusion detection systems (NIDSs) and host-based IDSs (HIDSs) can determine whether a system has been attacked. A NIDS alone cannot detect web-based attacks or system vulnerabilities. Thus, this paper proposes a risk assessment system (RAS) that integrates a NIDS and HIDS to detect suspicious behaviors and assess the risk value of Internet protocols (IPs). The RAS focuses on the analysis of attack or suspicious behaviors using the NIDS and HIDS. Furthermore, the system quantizes the influence of attackers in suspicious events by using PageRank. Finally, the RAS derives the risk value of every IP to warn users of an attack and protect hosts or devices from the attacks.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
