Service specific anomaly detection for network intrusion detection
Proceedings of the 2002 ACM symposium on Applied computing
Introduction to Bayesian Networks
Introduction to Bayesian Networks
Learning nonstationary models of normal network traffic for detecting novel attacks
Proceedings of the eighth ACM SIGKDD international conference on Knowledge discovery and data mining
Network traffic anomaly detection based on packet bytes
Proceedings of the 2003 ACM symposium on Applied computing
Mining anomalies using traffic feature distributions
Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
A Framework for the Evaluation of Intrusion Detection Systems
SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
A stochastic model for intrusions
RAID'02 Proceedings of the 5th international conference on Recent advances in intrusion detection
Towards an information-theoretic framework for analyzing intrusion detection systems
ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
| Hi-index | 0.00 |
Due to the growing threat of network attacks, detecting and measuring the network abuse are increasingly important. Network intrusion detection is the most frequently deployed approach. Detection frequently relies on only signature matching methods, and therefore suffers from lower accuracy and higher false alarm rates. This investigation presents a data-mining model (PAID) that constructs a packet header anomaly detection system with a Bayesian approach. The model accurately and automatically detects new malicious network attempts. On the DARPA evaluation data set, our method yields an accuracy of over 99.2% and a false positive rate of 0.03% for a DoS attack. Experimental results validate the feasibility of PAID to detect network intrusion.