{"title":"Probabilistic approach for Intrusion Detection System - FOMC technique","authors":"A. S. Aneetha, S. Bose","doi":"10.1109/ICOAC.2014.7229705","DOIUrl":null,"url":null,"abstract":"Detection of unexpected and emerging new threats has become a necessity for secured internet communication with absolute data confidentiality, integrity, and availability. Design and development of such a detection system shall not only be new, accurate and fast but also effective in a dynamic environment encompassing the surrounding network. In this work, an attempt is made to design an intrusion detection model based on the probabilistic approach, a first-order Markov chain process, to effectively detect and predict network intrusions. As a first step, the states are defined using clustering techniques for the network traffic profiles; secondly, the state transition probability matrix and initial probability distribution are determined based on the states defined. Based on the network states, the probability of event occurrence is stochastically measured; if the value is less than the predefined probability, then the event is predicted as an anomaly. The performance of the proposed probabilistic model is evaluated through experiments using the KDD Cup99 dataset. The proposed models achieve a better detection rate while the attacks are detected in levels of stages.","PeriodicalId":325520,"journal":{"name":"2014 Sixth International Conference on Advanced Computing (ICoAC)","volume":"128 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2014-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2014 Sixth International Conference on Advanced Computing (ICoAC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICOAC.2014.7229705","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Citation count: 4
Abstract
Detection of unexpected and emerging new threats has become a necessity for secured internet communication with absolute data confidentiality, integrity, and availability. Design and development of such a detection system shall not only be new, accurate and fast but also effective in a dynamic environment encompassing the surrounding network. In this work, an attempt is made to design an intrusion detection model based on the probabilistic approach, a first-order Markov chain process, to effectively detect and predict network intrusions. As a first step, the states are defined using clustering techniques for the network traffic profiles; secondly, the state transition probability matrix and initial probability distribution are determined based on the states defined. Based on the network states, the probability of event occurrence is stochastically measured; if the value is less than the predefined probability, then the event is predicted as an anomaly. The performance of the proposed probabilistic model is evaluated through experiments using the KDD Cup99 dataset. The proposed models achieve a better detection rate while the attacks are detected in levels of stages.