Abstract
Intrusion Detection Systems (IDSs) have previously been built by hand. These systems have difficulty classifying intruders successfully and incur significant computational overhead, which makes it difficult to build robust real-time IDSs. Artificial Intelligence techniques can reduce the human effort required to build these systems and can improve their performance. AI has recently been used in Intrusion Detection (ID) for anomaly detection, data reduction, and the induction (or discovery) of rules that explain audit data [1]. This paper proposes applying evidential reasoning to deal with uncertainty in Intrusion Detection Systems. We show how dealing with uncertainty allows the system to detect abnormality in user behavior more efficiently.
References
J. Frank, “Artificial intelligence and intrusion detection: Current and future directions,” in Proceedings of 17th National Computer Security Conference, vol. 1, (Baltimore, Maryland), pp. 22–33, 11–14 Oct. 1994.
M. Esmaili, R. Safavi-Naini, and J. Pieprzyk, “Computer intrusion detection: A comparative survey,” Tech. Rep. TR-95-07, Department of Computer Science, University of Wollongong, Australia, 1995.
M. Esmaili, R. Safavi-Naini, and J. Pieprzyk, “Intrusion detection: A survey,” in Proceedings of Twelfth International Conference on Computer Communication ICCC'95, vol. 1, (Seoul, Korea), pp. 409–414, 21–24 August 1995. Sponsored by International Council for Computer Communication.
D. S. Bauer and M. E. Koblentz, “NIDX — an expert system for real-time network intrusion detection,” in Proceedings of the IEEE Computer Networking Symposium, pp. 98–106, 1988.
A. Brignone, “Fuzzy Sets: An answer to the evaluation of security systems?,” in Proceedings of Fourth IFIP TC11 International Conference on Comp. Sec. (IFIP/Sec'86), (Monte Carlo, Monaco), pp. 143–151, 2–4 Dec. 1986.
H. Debar and B. Dorizzi, “An application of a recurrent network to an intrusion detection system,” in Proceedings of International Joint Conference on Neural Networks, pp. II478–II483, 7–11 June 1992.
H. Debar, M. Becker, and D. Siboni, “A neural network component for an intrusion detection system,” in Proceedings of the 1992 IEEE Computer Society Symposium on Research in Security and Privacy, pp. 240–250, 4–6 May 1992.
T. F. Lunt, “IDES: An intelligent system for detecting intruders,” in Proceedings of the Symposium: Computer Security, Threat and Countermeasures, (Rome, Italy), November 1990.
D. Anderson et al., “Next generation intrusion detection expert system (NIDES): User manual for security officer user interface (SOUI),” technical report, SRI International, 26 March 1993.
S. J. Henkind and M. C. Harrison, “An analysis of four uncertainty calculi,” IEEE Transactions on Systems, Man, and Cybernetics, vol. 18, pp. 700–714, Sept./Oct. 1988.
P. Lucas and L. Van Der Gaag, Principles of Expert Systems. Addison-Wesley Publishing Company, 1991.
J. D. Lowrance and T. D. Garvey, “A framework for evidential-reasoning systems,” in Readings in Uncertain Reasoning (G. Shafer and J. Pearl, eds.), pp. 611–618, San Mateo, California: Morgan Kaufmann Publishers, Inc., 1990.
Copyright information
© 1996 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Esmaili, M., Safavi-Naini, R., Pieprzyk, J. (1996). Evidential reasoning in network intrusion detection systems. In: Pieprzyk, J., Seberry, J. (eds) Information Security and Privacy. ACISP 1996. Lecture Notes in Computer Science, vol 1172. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0023304
DOI: https://doi.org/10.1007/BFb0023304
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-61991-8
Online ISBN: 978-3-540-49583-3
eBook Packages: Springer Book Archive