Authors:
Harpreet Singh (1); Habib Louafi (2) and Yiyu Yao (1)
Affiliations:
(1) Department of Computer Science, University of Regina, Regina, SK, Canada; (2) Department of Science and Technology, TELUQ University, Montreal, QC, Canada
Keyword(s):
IDS, DoS, DDoS, Bayesian Networks, Markov Networks, Machine Learning, Artificial Intelligence.
Abstract:
Network intrusion detection systems (NIDS) play an important role in cybersecurity, but they face obstacles such as unpredictability and computational complexity. To solve these challenges, we propose a novel probabilistic NIDS that detects DoS and DDoS attacks carried out on the TCP, UDP, and ICMP protocols. Our method incorporates knowledge from the fields of these protocols using Bayesian networks (BN) and Markov networks (MN). Inference is performed using Variable Elimination (VE) for BN and Shafer-Shenoy (SS) Propagation, as well as Lazy Propagation (LP) for MN. Extensive tests on the CAIDA dataset have yielded promising results, with higher Precision, Recall, and F1-Score metrics. Notably, both SS and LP are efficient, demonstrating the effectiveness of our proposed NIDS in improving network security.