Towards designing packet filter with a trust-based approach using Bayesian inference in network intrusion detection

Yuxin MENG, Lam-For KWOK, Wenjuan LI

Research output: Chapter in Book/Report/Conference proceedingChapters

20 Citations (Scopus)

Abstract

Network intrusion detection systems (NIDSs) have become an essential part for current network security infrastructure. However, in a large-scale network, the overhead network packets can greatly decrease the effectiveness of such detection systems by significantly increasing the processing burden of a NIDS. To mitigate this issue, we advocate that constructing a packet filter is a promising and complementary solution to reduce the workload of a NIDS, especially to reduce the burden of signature matching. We have developed a blacklist-based packet filter to help a NIDS filter out network packets and achieved positive experimental results. But the calculation of IP confidence is still a big challenge for our previous work. In this paper, we further design a packet filter with a trust-based method using Bayesian inference to calculate the IP confidence and explore its performance with a real dataset and in a network environment. We also analyze the trust-based method by comparing it with our previous weight-based method. The experimental results show that by using the trust-based calculation of IP confidence, our designed trust-based blacklist packet filter can achieve a better outcome. Copyright © 2013 ICST Institute for Computer Science, Social Informatics and Telecommunications Engineering.

Original languageEnglish
Title of host publicationSecurity and privacy in communication networks: 8th International ICST Conference, SecureComm 2012, Padua, Italy, September 3-5, 2012. revised selected papers
EditorsAngelos D. KEROMYTIS, Roberto PIETRO
Place of PublicationBerlin
PublisherSpringer
Pages203-221
ISBN (Electronic)9783642368837
ISBN (Print)9783642368820
DOIs
Publication statusPublished - 2013

Citation

Meng, Y., Kwok, L.-F., & Li, W. (2013). Towards designing packet filter with a trust-based approach using Bayesian inference in network intrusion detection. In A. D. Keromytis & R. Pietro (Eds.), Security and privacy in communication networks: 8th International ICST Conference, SecureComm 2012, Padua, Italy, September 3-5, 2012. revised selected papers (pp. 203-221). Springer. https://doi.org/10.1007/978-3-642-36883-7_13

Keywords

  • Packet filter
  • IP confidence
  • Trust calculation
  • Network intrusion detection
  • Bayesian inference

Fingerprint

Dive into the research topics of 'Towards designing packet filter with a trust-based approach using Bayesian inference in network intrusion detection'. Together they form a unique fingerprint.