Abstract
Network intrusion detection systems (NIDSs) have become an essential part for current network security infrastructure. However, in a large-scale network, the overhead network packets can greatly decrease the effectiveness of such detection systems by significantly increasing the processing burden of a NIDS. To mitigate this issue, we advocate that constructing a packet filter is a promising and complementary solution to reduce the workload of a NIDS, especially to reduce the burden of signature matching. We have developed a blacklist-based packet filter to help a NIDS filter out network packets and achieved positive experimental results. But the calculation of IP confidence is still a big challenge for our previous work. In this paper, we further design a packet filter with a trust-based method using Bayesian inference to calculate the IP confidence and explore its performance with a real dataset and in a network environment. We also analyze the trust-based method by comparing it with our previous weight-based method. The experimental results show that by using the trust-based calculation of IP confidence, our designed trust-based blacklist packet filter can achieve a better outcome. Copyright © 2013 ICST Institute for Computer Science, Social Informatics and Telecommunications Engineering.
Original language | English |
---|---|
Title of host publication | Security and privacy in communication networks: 8th International ICST Conference, SecureComm 2012, Padua, Italy, September 3-5, 2012. revised selected papers |
Editors | Angelos D. KEROMYTIS, Roberto PIETRO |
Place of Publication | Berlin |
Publisher | Springer |
Pages | 203-221 |
ISBN (Electronic) | 9783642368837 |
ISBN (Print) | 9783642368820 |
DOIs | |
Publication status | Published - 2013 |
Citation
Meng, Y., Kwok, L.-F., & Li, W. (2013). Towards designing packet filter with a trust-based approach using Bayesian inference in network intrusion detection. In A. D. Keromytis & R. Pietro (Eds.), Security and privacy in communication networks: 8th International ICST Conference, SecureComm 2012, Padua, Italy, September 3-5, 2012. revised selected papers (pp. 203-221). Springer. https://doi.org/10.1007/978-3-642-36883-7_13Keywords
- Packet filter
- IP confidence
- Trust calculation
- Network intrusion detection
- Bayesian inference