formularioHidden
formularioRDF
Login

Registriere dich

Oder, falls du lieber...

 

Panel Information

Utilizamos cookies propias y de terceros para mejorar tu experiencia de navegación. Al continuar con la navegación entendemos que aceptas nuestra política de cookies.

Bayesian-networks-based misuse and anomaly prevention system

Inproceeding

By

Pablo García Bringas
Yoseba Peña Landaburu
Steffano Paraboschi
Paolo Salvaneschi

In

ICEIS (), 2008 (), p. 62-69 , -.
Barcelona
,
Spain
, 2008

Abstract

Network Intrusion Detection Systems (NIDS) aim at preventing network attacks and unauthorised remote use of computers. More accurately, depending on the kind of attack it targets, an NIDS can be oriented to detect misuses (by defining all possible attacks) or anomalies (by modelling legitimate behaviour and detecting those that do not fit on that model). Still, since their problem knowledge is restricted to possible attacks, misuse detection fails to notice anomalies and vice versa. Against this, we present here ESIDEDepian, the first unified misuse and anomaly prevention system based on Bayesian Networks to analyse completely network packets, and the strategy to create a consistent knowledge model that integrates misuse and anomaly-based knowledge. Finally, we evaluate ESIDE-Depian against well-known and new attacks showing how it outperforms a well-established industrial NIDS.

Über diese Ressource...

Besuche/Aufrufe 94

Kategorien: