240 likes | 394 Views
Application of Bayesian Network in Computer Networks. Raza H. Abedi. Misuse-Based Intrusion Detection Using Bayesian Networks. Introduction NIDS Snort Bayesian System for Intrusion Detection (Basset) Misuse Based Anomaly Based Misuse base system is studied in this paper
E N D
Application of Bayesian Networkin Computer Networks Raza H. Abedi
Misuse-Based Intrusion Detection Using Bayesian Networks • Introduction • NIDS • Snort • Bayesian System for Intrusion Detection (Basset) • Misuse Based • Anomaly Based • Misuse base system is studied in this paper • Goal is to provide better detection capabilities and less chances of false alarms
Problem Identification • The possibility that a fingerprint might be matched with a legitimate packet will always be there • Since some fingerprints contain detailed description, so there might be a possibility that if some hacker change only the port number than the malicious packet will be treated as a legitimate packet. • Snort treat each event individually, it cannot analyze any link between certain flows of packet. Some attack scenario involves three different phases, reconnaissance, actual attack and post attack activity
Problem Identification • It is not possible to gather information about any computer which is an intended target of the attack. Insignificant alarm could be raised without an actual threat • There is no learning capability in the system, since all rules are human-made so there is no way that the program could modify them in any way
A Probabilistic Approach for Network Intrusion Detection • Introduction • The aim is to propose a probabilistic approach for detecting intrusions by using Bayesian Network • Three variation of BN (Naïve BN, Learned BN and Handcrafted BN) were evaluated from which the optimal BN was obtained • Three categories of attack were considered (DoS, Probing, Remote to Local and User to Root) • The data set consists of around half million records, Records are split in to 80% and 20%, for training and testing phase
Problem Definition • To select after evaluation, which type of BN is the most optimal one in our scenario • 80% of the data is first utilized in structure building and the remaining 20% were used to obtain classification accuracies of BNs
A Bayesian Network Based Trust Model for Improving Collaboration in Mobile Ad hoc Networks • Introduction • Mobile Ad hoc Network • Model evaluates trust in a server with direct experience and recommendations from other nodes in MANET • A BN based trust model is proposed and evaluated through simulation that the model is optimal in selecting best server among a set of eligible servers
Problem Identification • Mobile ad hoc network consist of a number of nodes communicating with each other without any central control or hierarchy • It is impossible to ascertain which node is a malicious one or the legitimate one • A trust must be established before a node starts communicating with any of the available servers.
BNWSN: Bayesian Network Trust Model for Wireless Sensor Model • Introduction • Wireless Sensor Networks (WSN) • Communication Trust • Data Trust • The research work and simulation consider both communication trust and data trust in model • “The subjective probability by which node A depends on node B to fulfill its promises in performing an action and at the same time being reliable in reporting its sensed data”
Problem Definition • Trust management in WSNs are predominately based on routing messages • Trust model based on communication only is unreliable and misleading • There is no evaluation of sensed data in the trust model (data trust) • How much trust is enough • Which components should be included to decide on trust, called (data trust)