Intrusion detection based on "hybrid" propagation in Bayesian Networks

  • Authors:
  • Farah Jemili;Montaceur Zaghdoud;Mohamed Ben Ahmed

  • Affiliations:
  • Laboratoire RIADI, ENSI, Manouba University, Manouba, Tunisia;Laboratoire RIADI, ENSI, Manouba University, Manouba, Tunisia;Laboratoire RIADI, ENSI, Manouba University, Manouba, Tunisia

  • Venue:
  • ISI'09 Proceedings of the 2009 IEEE international conference on Intelligence and security informatics
  • Year:
  • 2009

Abstract

The goal of a network-based intrusion detection system (IDS) is to identify malicious behavior that targets a network and its resources. Intrusion detection parameters are numerous and in many cases they present uncertain and imprecise causal relationships which can affect attack types. A Bayesian Network (BN) is known as a graphical modeling tool used to model decision problems containing uncertainty. In this paper, a BN is used to build an automatic intrusion detection system based on signature recognition. A major difficulty of this system is that the uncertainty on parameters can have two origins. The first source of uncertainty comes from the uncertain character of information due to a natural variability resulting from stochastic phenomena. The second source of uncertainty is related to the imprecise and incomplete character of information due to a lack of knowledge. The goal of this work is to propose a method to propagate both the stochastic and the epistemic uncertainties, coming respectively from the uncertain and imprecise character of information, through the Bayesian model, in an intrusion detection context.