Title :
Forecast techniques for predicting increase or decrease of attacks using Bayesian inference
Author :
Ishida, Chie ; Arakawa, Yutaka ; Sasase, Iwao ; Takemori, Keisuke
Author_Institution :
Dept. of Inf. & Comput. Sci., Keio Univ., Kanagawa, Japan
Abstract :
The analysis techniques of intrusion detection system (IDS) events are actively researched, since it is important to understand attack trends and devise countermeasures against incidents. To aim at a quick response in security operation, it is necessary to forecast a fluctuation of attacks. However, there is no approach for predicting the fluctuation of attacks, since the fluctuation of attacks seems to be random. In this paper, we propose forecast techniques for predicting increase or decrease of the attacks by using the Bayesian inference for calculating the conditional probability based on past-observed event counts. We consider two algorithms by focusing on an attack cycle and a fluctuation range of the event counts. We implement a forecasting system and evaluate it with real IDS events. As a result, our proposed technique can forecast increase or decrease of the event counts, and be effective to various types of attacks.
Keywords :
belief networks; computer networks; inference mechanisms; security of data; Bayesian inference; attacks fluctuation prediction; conditional probability; forecast techniques; intrusion detection system; past-observed event counts; security operation; Bayesian methods;
Conference_Titel :
Communications, Computers and signal Processing, 2005. PACRIM. 2005 IEEE Pacific Rim Conference on
Print_ISBN :
0-7803-9195-0
DOI :
10.1109/PACRIM.2005.1517323
