Abstract
In this paper, intrusion detection method using Bayesian Networks was estimated probability values of behavior contexts based on Bayes theory and Indirect relation. The contexts of network-based FTP service was represented Bayesian Networks of graphic types. We profiled concisely network-based FTP behaviors using behavior context by prior, posterior and Indirect relation. And this method be able to visualize behavior profile to detect/analyze anomaly behavior by BF-XML. We achieve simulation to translate audit data of network into BF-XML which is behavior profile of semi-structured data type for anomaly detection and to visualize BF-XML as SVG.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Nassehi, M.: Characterizing Masqueraders for Intrusion Detection. Computer Science/Mathematics (1998)
Scott, S. L.: A Bayesian Paradigm for Designing Intrusion Detection Systems. Computational Statistics and Data Analysis (June 20, 2002)
Denning, D.E.: An Intrusion-Detection Model. IEEE Transaction on Software Engineering 13(2), 222–232 (1987)
Shieh, S.-P., Gligor, V.D.: On a Pattern-Oriented Model for Intrusion Detection. IEEE Transaction on knowledge and Data Engineering 9(4) (1997)
Kumar, S., Spafford, E.H.: An Application of Pattern Matching in Intrusion Detection. Technical Report CSD-TR-94-013 (June 17, 1994)
Barbara, D., Couto, J., Jajodia, S., Popyack, L., Wu, N.: ADAM: Detecting Intrusions by Data Mining. In: Proceedings of the 2001 IEEE Workshop on Information Assurance and Security (2001)
Cha, B.: The Prototype of Bayesian framework based on XML for System Call Profiling. GESTS Int’l Trans. Computer Science and Eng. 15(1) (2005)
Mahoney, M.V., Chan, P.K.: Learning Nonstationary Models of Normal Network Traffic for Detecting Novel Attacks (2002)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2007 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Cha, B., Jeong, J. (2007). Improvement of Anomaly Intrusion Detection Performance by Indirect Relation for FTP Service. In: Sandoval, F., Prieto, A., Cabestany, J., Graña, M. (eds) Computational and Ambient Intelligence. IWANN 2007. Lecture Notes in Computer Science, vol 4507. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-73007-1_108
Download citation
DOI: https://doi.org/10.1007/978-3-540-73007-1_108
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-73006-4
Online ISBN: 978-3-540-73007-1
eBook Packages: Computer ScienceComputer Science (R0)