A frame work for IDS
no vote
The goal of a network-based intrusion detection
system (IDS) is to identify malicious behavior that targets a network and its
resources. Intrusion detection parameters are numerous and in many cases they
present uncertain and imprecise causal relationships which can affect attack
types. A Bayesian Network (BN) is known as graphical modeling tool used to
model decision problems containing uncertainty. In this paper, a BN is used to
build automatic intrusion detection system based on signature recognition. The
goal is to recognize signatures of known attacks, match the observed behavior
with those known signatures, and signal intrusion when there is a match. A
major difficulty of this system is that intrusions signatures change over the
time and the system must be retrained. An IDS must be able to adapt to these
changes. The goal of this paper is to provide a framework for an adapti