A Bayesian Classification Model for Real‐Time Intrusion Detection
Authors:
Ricardo S. Puttini,
Zakia Marrakchi,
Ludovic Mé
Journal:
AIP Conference Proceedings
(AIP Available online 1903)
Volume and issue:
Volume 659,
issue 1
Pages: 150-162
ISSN:0094-243X
Year: 1903
DOI:10.1063/1.1570541
Publisher: AIP
Data source: AIP
Abstract:
Intrusion‐detection systems (IDS) have been used as part of the security of information and communication technologies infrastructure because it is difficult to ensure that information systems are free from security flaws. In this paper we present a new design of an anomaly IDS. Design and development of the IDS are considered in our 3 main stages: normal behavior construction, anomaly detection and model update. A parametrical mixture model is used for behavior modeling from reference data. The associated Bayesian classification leads to the detection algorithm. A continuous model parameter re‐estimation is discussed as a possible heuristic for model update. Real‐time requirements are presented. Detection and update algorithms for the special case of Gaussian parametrical model are designed and evaluated with respect to their real‐time features in a PC‐like platform without any special hardware requirements. Experiments validating the model are presented as well. © 2003 American Institute of Physics