Network intrusion detection systems (NIDSs) have become an essential part for current network security infrastructure. However, in a large-scale network, the overhead network packets can greatly decrease the effectiveness of such detection systems by significantly increasing the processing burden of a NIDS. To mitigate this issue, we advocate that constructing a packet filter is a promising and complementary solution to reduce the workload of a NIDS, especially to reduce the burden of signature matching. We have developed a blacklist-based packet filter to help a NIDS filter out network packets and achieved positive experimental results. But the calculation of IP confidence is still a big challenge for our previous work. In this paper, we further design a packet filter with a trust-based method using Bayesian inference to calculate the IP confidence and explore its performance with a real dataset and in a network environment. We also analyze the trust-based method by comparing it with our previous weight-based method. The experimental results show that by using the trust-based calculation of IP confidence, our designed trust-based blacklist packet filter can achieve a better outcome.
Weitere Kapitel dieses Buchs durch Wischen aufrufen
Bitte loggen Sie sich ein, um Zugang zu diesem Inhalt zu erhalten
Sie möchten Zugang zu diesem Inhalt erhalten? Dann informieren Sie sich jetzt über unsere Produkte:
- Towards Designing Packet Filter with a Trust-Based Approach Using Bayesian Inference in Network Intrusion Detection
- Springer Berlin Heidelberg
Neuer Inhalt/© ITandMEDIA