1 / 24

Application of Bayesian Network in Computer Networks

Application of Bayesian Network in Computer Networks. Raza H. Abedi. Misuse-Based Intrusion Detection Using Bayesian Networks. Introduction NIDS Snort Bayesian System for Intrusion Detection (Basset) Misuse Based Anomaly Based Misuse base system is studied in this paper

lev
Download Presentation

Application of Bayesian Network in Computer Networks

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Application of Bayesian Networkin Computer Networks Raza H. Abedi

  2. Misuse-Based Intrusion Detection Using Bayesian Networks • Introduction • NIDS • Snort • Bayesian System for Intrusion Detection (Basset) • Misuse Based • Anomaly Based • Misuse base system is studied in this paper • Goal is to provide better detection capabilities and less chances of false alarms

  3. Problem Identification • The possibility that a fingerprint might be matched with a legitimate packet will always be there • Since some fingerprints contain detailed description, so there might be a possibility that if some hacker change only the port number than the malicious packet will be treated as a legitimate packet. • Snort treat each event individually, it cannot analyze any link between certain flows of packet. Some attack scenario involves three different phases, reconnaissance, actual attack and post attack activity

  4. Problem Identification • It is not possible to gather information about any computer which is an intended target of the attack. Insignificant alarm could be raised without an actual threat • There is no learning capability in the system, since all rules are human-made so there is no way that the program could modify them in any way

  5. Solution

  6. Solution

  7. A Probabilistic Approach for Network Intrusion Detection • Introduction • The aim is to propose a probabilistic approach for detecting intrusions by using Bayesian Network • Three variation of BN (Naïve BN, Learned BN and Handcrafted BN) were evaluated from which the optimal BN was obtained • Three categories of attack were considered (DoS, Probing, Remote to Local and User to Root) • The data set consists of around half million records, Records are split in to 80% and 20%, for training and testing phase

  8. Problem Definition • To select after evaluation, which type of BN is the most optimal one in our scenario • 80% of the data is first utilized in structure building and the remaining 20% were used to obtain classification accuracies of BNs

  9. Proposed IDS Architecture

  10. Solution

  11. Solution

  12. Solution

  13. Results

  14. A Bayesian Network Based Trust Model for Improving Collaboration in Mobile Ad hoc Networks • Introduction • Mobile Ad hoc Network • Model evaluates trust in a server with direct experience and recommendations from other nodes in MANET • A BN based trust model is proposed and evaluated through simulation that the model is optimal in selecting best server among a set of eligible servers

  15. Problem Identification • Mobile ad hoc network consist of a number of nodes communicating with each other without any central control or hierarchy • It is impossible to ascertain which node is a malicious one or the legitimate one • A trust must be established before a node starts communicating with any of the available servers.

  16. Solution

  17. Result

  18. BNWSN: Bayesian Network Trust Model for Wireless Sensor Model • Introduction • Wireless Sensor Networks (WSN) • Communication Trust • Data Trust • The research work and simulation consider both communication trust and data trust in model • “The subjective probability by which node A depends on node B to fulfill its promises in performing an action and at the same time being reliable in reporting its sensed data”

  19. Problem Definition • Trust management in WSNs are predominately based on routing messages • Trust model based on communication only is unreliable and misleading • There is no evaluation of sensed data in the trust model (data trust) • How much trust is enough • Which components should be included to decide on trust, called (data trust)

  20. Solution

  21. Multiplication of Beta and Normal Distribution

  22. Results

  23. Results

  24. Results

More Related