Abstract
An intrusion detection system (IDS) attempts to identify attacks by comparing collected data to predefined signatures known to be malicious (signature-based IDS) or to a model of legal behaviour (anomaly-based IDS). Anomaly-based approaches have the advantage of being able to detect previously unknown attacks, but they suffer from the difficulty of building robust models of acceptable behaviour which may result in a large number of false alarms. Two reasons for the large number of false alarms, caused by incorrect classification of events in current systems, one is the simplistic aggregation of model outputs inthe decision phase. The other reason is the lack of integration of additional information into the decision process. To mitigate these shortcomings, this paper proposes a two stratum Bayesian networks based anomaly detection and decision model for intrusion detection system. Bayesian networks improve the aggregation of outputs, such as empirical data and allow one to seamlessly incorporate additional information. Experimental results clearly demonstrate the efficiency of our approach to improve the accuracy of the intrusion detection and decision process in an anomaly based IDS.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
