基于PageRank的风险评估系统研究

IF 0.9 4区计算机科学 Q4 COMPUTER SCIENCE, INFORMATION SYSTEMS

Journal of Internet Technology Pub Date : 2019-12-01 DOI:10.3966/160792642019122007022

C. Kuo, C. Hou, Chu-Sing Yang

{"title":"基于PageRank的风险评估系统研究","authors":"C. Kuo, C. Hou, Chu-Sing Yang","doi":"10.3966/160792642019122007022","DOIUrl":null,"url":null,"abstract":"In recent years, network technology has developed rapidly. However, the Internet has been subject to a variety of attacks. Several notable attack events have been reported, such as those involving the use of flooding flows on widely used message boards, installation of malware in an automated teller machine to steal more than 80 million, and use of WannaCry to encrypt users’ files and request for ransoms. The majority of the attacks cannot be defended using single methods. Network-based intrusion detection systems (NIDSs) and host-based IDSs (HIDSs) can determine whether a system has been attacked. A NIDS alone cannot detect web-based attacks or system vulnerabilities. Thus, this paper proposes a risk assessment system (RAS) that integrates a NIDS and HIDS to detect suspicious behaviors and assess the risk value of Internet protocols (IPs). The RAS focuses on the analysis of attack or suspicious behaviors using the NIDS and HIDS. Furthermore, the system quantizes the influence of attackers in suspicious events by using PageRank. Finally, the RAS derives the risk value of every IP to warn users of an attack and protect hosts or devices from the attacks.","PeriodicalId":50172,"journal":{"name":"Journal of Internet Technology","volume":"20 1","pages":"2255-2264"},"PeriodicalIF":0.9000,"publicationDate":"2019-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"The Study of a Risk Assessment System based on PageRank\",\"authors\":\"C. Kuo, C. Hou, Chu-Sing Yang\",\"doi\":\"10.3966/160792642019122007022\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In recent years, network technology has developed rapidly. However, the Internet has been subject to a variety of attacks. Several notable attack events have been reported, such as those involving the use of flooding flows on widely used message boards, installation of malware in an automated teller machine to steal more than 80 million, and use of WannaCry to encrypt users’ files and request for ransoms. The majority of the attacks cannot be defended using single methods. Network-based intrusion detection systems (NIDSs) and host-based IDSs (HIDSs) can determine whether a system has been attacked. A NIDS alone cannot detect web-based attacks or system vulnerabilities. Thus, this paper proposes a risk assessment system (RAS) that integrates a NIDS and HIDS to detect suspicious behaviors and assess the risk value of Internet protocols (IPs). The RAS focuses on the analysis of attack or suspicious behaviors using the NIDS and HIDS. Furthermore, the system quantizes the influence of attackers in suspicious events by using PageRank. Finally, the RAS derives the risk value of every IP to warn users of an attack and protect hosts or devices from the attacks.\",\"PeriodicalId\":50172,\"journal\":{\"name\":\"Journal of Internet Technology\",\"volume\":\"20 1\",\"pages\":\"2255-2264\"},\"PeriodicalIF\":0.9000,\"publicationDate\":\"2019-12-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Journal of Internet Technology\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://doi.org/10.3966/160792642019122007022\",\"RegionNum\":4,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q4\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Internet Technology","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.3966/160792642019122007022","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

摘要

近年来，网络技术发展迅速。然而，互联网一直受到各种各样的攻击。据报道，一些著名的攻击事件涉及在广泛使用的留言板上使用洪水，在自动柜员机中安装恶意软件窃取超过8000万美元，以及使用WannaCry加密用户文件并要求赎金。大多数攻击不能用单一的方法来防御。基于网络的入侵检测系统(nids)和基于主机的入侵检测系统(hids)可以检测系统是否受到攻击。单独的NIDS无法检测基于web的攻击或系统漏洞。因此，本文提出了一种集成了NIDS和HIDS的风险评估系统(RAS)，用于检测可疑行为并评估互联网协议(ip)的风险值。RAS侧重于利用入侵防御系统和入侵防御系统分析攻击或可疑行为。此外，该系统利用PageRank量化攻击者在可疑事件中的影响。最后，RAS提取每个IP的风险值，警告用户攻击，保护主机或设备免受攻击。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

The Study of a Risk Assessment System based on PageRank

In recent years, network technology has developed rapidly. However, the Internet has been subject to a variety of attacks. Several notable attack events have been reported, such as those involving the use of flooding flows on widely used message boards, installation of malware in an automated teller machine to steal more than 80 million, and use of WannaCry to encrypt users’ files and request for ransoms. The majority of the attacks cannot be defended using single methods. Network-based intrusion detection systems (NIDSs) and host-based IDSs (HIDSs) can determine whether a system has been attacked. A NIDS alone cannot detect web-based attacks or system vulnerabilities. Thus, this paper proposes a risk assessment system (RAS) that integrates a NIDS and HIDS to detect suspicious behaviors and assess the risk value of Internet protocols (IPs). The RAS focuses on the analysis of attack or suspicious behaviors using the NIDS and HIDS. Furthermore, the system quantizes the influence of attackers in suspicious events by using PageRank. Finally, the RAS derives the risk value of every IP to warn users of an attack and protect hosts or devices from the attacks.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Journal of Internet Technology COMPUTER SCIENCE, INFORMATION SYSTEMS-TELECOMMUNICATIONS

CiteScore

3.20

自引率

18.80%

发文量

112

审稿时长

13.8 months

期刊介绍： The Journal of Internet Technology accepts original technical articles in all disciplines of Internet Technology & Applications. Manuscripts are submitted for review with the understanding that they have not been published elsewhere. Topics of interest to JIT include but not limited to: Broadband Networks Electronic service systems (Internet, Intranet, Extranet, E-Commerce, E-Business) Network Management Network Operating System (NOS) Intelligent systems engineering Government or Staff Jobs Computerization National Information Policy Multimedia systems Network Behavior Modeling Wireless/Satellite Communication Digital Library Distance Learning Internet/WWW Applications Telecommunication Networks Security in Networks and Systems Cloud Computing Internet of Things (IoT) IPv6 related topics are especially welcome.