TY - GEN
T1 - Towards designing packet filter with a trust-based approach using Bayesian inference in network intrusion detection
AU - Meng, Yuxin
AU - Kwok, Lam For
AU - Li, Wenjuan
PY - 2013
Y1 - 2013
N2 - Network intrusion detection systems (NIDSs) have become an essential part for current network security infrastructure. However, in a large-scale network, the overhead network packets can greatly decrease the effectiveness of such detection systems by significantly increasing the processing burden of a NIDS. To mitigate this issue, we advocate that constructing a packet filter is a promising and complementary solution to reduce the workload of a NIDS, especially to reduce the burden of signature matching. We have developed a blacklist-based packet filter to help a NIDS filter out network packets and achieved positive experimental results. But the calculation of IP confidence is still a big challenge for our previous work. In this paper, we further design a packet filter with a trust-based method using Bayesian inference to calculate the IP confidence and explore its performance with a real dataset and in a network environment. We also analyze the trust-based method by comparing it with our previous weight-based method. The experimental results show that by using the trust-based calculation of IP confidence, our designed trust-based blacklist packet filter can achieve a better outcome.
KW - Bayesian Inference
KW - IP Confidence
KW - Network Intrusion Detection
KW - Packet Filter
KW - Trust Calculation
UR - http://www.scopus.com/inward/record.url?scp=84874550312&partnerID=8YFLogxK
U2 - 10.1007/978-3-642-36883-7_13
DO - 10.1007/978-3-642-36883-7_13
M3 - Conference article published in proceeding or book
AN - SCOPUS:84874550312
SN - 9783642368820
T3 - Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering
SP - 203
EP - 221
BT - Security and Privacy in Communication Networks - 8th International ICST Conference, SecureComm 2012, Revised Selected Papers
T2 - 8th International ICST Conference on Security and Privacy in Communication Networks, SecureComm 2012
Y2 - 3 September 2012 through 5 September 2012
ER -