http://dx.doi.org/10.13089/JKIISC.2004.14.5.69

The Bayesian Framework based on Graphics for the Behavior Profiling  

차병래 (Department of Computer Engineering, Mokpo National University)
Abstract
The rapid expansion of the Internet and the appearance of new forms of attack have changed the paradigm of attack techniques. However, most intrusion detection systems are based on misuse detection and detect only known attack types, so responding actively to new attacks is difficult. Therefore, experiments applying various anomaly detection techniques are appearing in order to raise the detection rate for new attack patterns. In this paper, we propose a behavior profiling method that uses a Bayesian framework based on graphics from audit data, and we visualize the behavior profile to detect and analyze anomalous behavior. We carry out a simulation that translates host/network audit data into BF-XML, a behavior profile in a semi-structured data format for anomaly detection, and visualizes the BF-XML as SVG.
Keywords
Anomaly Intrusion Detection; Bayesian Framework; Behavior Profiling