Towards designing packet filter with a trust-based approach using Bayesian inference in network intrusion detection

Yuxin Meng, Lam For Kwok, Wenjuan Li

Research output: Chapter in book / Conference proceeding › Conference article published in proceeding or book › Academic research › peer-review

18 Citations (Scopus)

Abstract

Network intrusion detection systems (NIDSs) have become an essential part of current network security infrastructure. However, in a large-scale network, the overhead network packets can greatly decrease the effectiveness of such detection systems by significantly increasing the processing burden of a NIDS. To mitigate this issue, we advocate that constructing a packet filter is a promising and complementary solution to reduce the workload of a NIDS, especially the burden of signature matching. We have developed a blacklist-based packet filter to help a NIDS filter out network packets and achieved positive experimental results. However, the calculation of IP confidence is still a big challenge in our previous work. In this paper, we further design a packet filter with a trust-based method that uses Bayesian inference to calculate the IP confidence, and explore its performance with a real dataset and in a network environment. We also analyze the trust-based method by comparing it with our previous weight-based method. The experimental results show that by using the trust-based calculation of IP confidence, our designed trust-based blacklist packet filter can achieve a better outcome.

Original language: English
Title of host publication: Security and Privacy in Communication Networks - 8th International ICST Conference, SecureComm 2012, Revised Selected Papers
Pages: 203-221
Number of pages: 19
Publication status: Published - 2013
Externally published: Yes
Event: 8th International ICST Conference on Security and Privacy in Communication Networks, SecureComm 2012 - Padua, Italy
Duration: 3 Sep 2012 → 5 Sep 2012

Publication series

Name: Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering
Volume: 106 LNICS
ISSN (Print): 1867-8211

Conference

Conference: 8th International ICST Conference on Security and Privacy in Communication Networks, SecureComm 2012
Country/Territory: Italy
City: Padua
Period: 3/09/12 → 5/09/12

Keywords

  • Bayesian Inference
  • IP Confidence
  • Network Intrusion Detection
  • Packet Filter
  • Trust Calculation

ASJC Scopus subject areas

  • Computer Networks and Communications
