Abstract
Bilgi Teknolojilerinin gelişimi ile birlikte sistem ve sisteme dahil olan varlıkların içinde bulunduğu tehditler artmaktadır. Bu sebeple bilgi güvenliğinin sağlanması daha da önem kazanmaktadır. Günümüzde tasarlanan bilgi sistemlerinin altyapısı genellikle bilgisayar ağlarına dayanmaktadır ve bu da bilgi sistemlerini saldırılara daha açık hale getirmektedir. Ağ güvenliğinin sağlanmasında Sızma Tespit Sistemleri (Intrusion Detection Systems, IDS) önemli bir araçtır. Sızma Tespit Sisteminde uygulanan teknikler ile saldırılar, ancak kısmen ya da tamamen gerçekleştikten sonra saptanabilmektedir; buna bağlı olarak saldırının kontrol altında tutulması ya da durdurulması zor olmaktadır. Bu nedenle yeni geliştirilecek olan IDS sistemlerine saldırıyı tahmin etme özelliği dahil edilmelidir. Bu çalışmada Bilgisayar ağlarına olan sızmaların önceden tahmin edilmesine yönelik bir yöntem önerisinde bulunulmuştur. Önerilen yöntem test edilerek sonuçlar verilmiştir.
Keywords
Sızma Tahmin Sistemleri Grafa Dayalı Sızma Tahmini İçerik Tabanlı İmza Çıkartılması Hibrit İmza Tanımlaması
References
- [1] Feng L., Wang W., Zhu L., Zhang Y.: Predicting the intrusion intentions by observing system call sequences. Journal of Computers & Security 23, 241–252 (2004)
- [2] Feng L., Wang W., Zhu L., Zhang Y.: Predicting intrusion goal using dynamic Bayesian network with transfer probability estimation. Journal of Network and Computer Applications 32 721–732 (2009)
- [3] Haslum K., Abraham A., Knapskog S.: DIPS: A Framework for Distributed Intrusion Prediction and Prevention Using Hidden Markov Models and Online Fuzzy Risk Assessment. IEEE, Third International Symposium on Information Assurance and Security (2007)
- [4] Haslum K., Abraham A., Knapskog S.: Fuzzy Online Risk Assessment for Distributed Intrusion Prediction and Prevention Systems. IEEE, Tenth International Conference on Computer Modeling and Simulation (2008)
- [5] Haslum K., Moe M.E.G., Knapskog S: Realtime Intrusion Prevention and Security Analysis of Networks using HMMs. IEEE (2008)
- [6] Zhengdao Z., Zhumiao P., Zhiping Z.: The study of intrusion prediction based on HsMM. IEEE, Asia-Pacific Services Computing Conference (2008)
- [7] Cheng-Bin L.: A New Intrusion Prediction Method Based on Feature Extraction. IEEE, Second International Workshop on Computer Science and Engineering (2009)
- [8] Li Z., Lei J., Wang L., Li D.: A Data Mining Approach to Generating Network Attack Graph for Intrusion Prediction. IEEE, Fourth International Conference on Fuzzy Systems and Knowledge Discovery (2007)
- [9] Li Z., Lei J., Wang L., Li D.: Assessing Attack Threat by the Probability of Following Attacks. IEEE, International Conference on Networking, Architecture, and Storage (2007)
- [10] Bayoglu B., Soğukpınar I.: Graph based signature classes for detecting polymorphic worms via content analysis. Elsevier, Computer Networks 56 832–844 (2012)
- [11] Kayacik, H.G., Zincir-Heywood, A.N., Heywood, M.L. (2006). Selecting Features for Intrusion Detection: A Feature Analysis on KDD 99 Intrusion Detection Datasets.
- [12] Olusola, A.A., Oladele, A.S., Abosede, D.O.: Analysis of KDD’99 Intrusion Detection Dataset for Selection of Relevance Features. In Proceedings of the World Congress on Engineering and Computer Science (Vol. 1, pp. 20-22) (2010, October).
- [13] Kim, B. J., & Kim, I. K.: Robust Real-time Intrusion Detection System. International Journal of Information Processing Systems Vol. 1, No. 1 (2005)
- [14] Sindhu, S. S. S., Geetha, S., Marikannan, M., Kannan, A.: A neuro-genetic based short-term forecasting framework for network intrusion prediction system. International Journal of Automation and Computing, 6(4), 406-414 (2009).
- [15] Yu, Z., Tsai, J. J., & Weigert, T.: An adaptive automatically tuning intrusion detection system. ACM Transactions on Autonomous and Adaptive Systems (TAAS), 3(3), 10. (2008)
- [16] KDD-cup data set, Available at URL http://kdd.ics.uci.edu/databases/kddcup99/ kddcup99.html (2004)
Abstract
Along with the improvement of Information Technologies, the threat; that the system and the included entities are in, has been increasing. Therefore ensuring information security gains more importance. The infrastructure of the information systems designed lately, is generally built upon computer networks; which makes information systems more prone to attacks. Intrusion Detection Systems are important tools in providing network security. The attacks in Intrusion Detection Systems (IDS) can only be detected after they occur partially or fully. And because of this, taking attacks under control or ceasing them is difficult. For this reason, attack prediction feature should be included to the new IDS systems to be designed. In this research; a method to predict intrusions through computer networks is suggested. Experimental results has been presented after testing the method.
Keywords
Intrusion Prediction Systems Graph Based Intrusion Prediction Content Based Signature Generation Hibrit Signature Definition
References
- [1] Feng L., Wang W., Zhu L., Zhang Y.: Predicting the intrusion intentions by observing system call sequences. Journal of Computers & Security 23, 241–252 (2004)
- [2] Feng L., Wang W., Zhu L., Zhang Y.: Predicting intrusion goal using dynamic Bayesian network with transfer probability estimation. Journal of Network and Computer Applications 32 721–732 (2009)
- [3] Haslum K., Abraham A., Knapskog S.: DIPS: A Framework for Distributed Intrusion Prediction and Prevention Using Hidden Markov Models and Online Fuzzy Risk Assessment. IEEE, Third International Symposium on Information Assurance and Security (2007)
- [4] Haslum K., Abraham A., Knapskog S.: Fuzzy Online Risk Assessment for Distributed Intrusion Prediction and Prevention Systems. IEEE, Tenth International Conference on Computer Modeling and Simulation (2008)
- [5] Haslum K., Moe M.E.G., Knapskog S: Realtime Intrusion Prevention and Security Analysis of Networks using HMMs. IEEE (2008)
- [6] Zhengdao Z., Zhumiao P., Zhiping Z.: The study of intrusion prediction based on HsMM. IEEE, Asia-Pacific Services Computing Conference (2008)
- [7] Cheng-Bin L.: A New Intrusion Prediction Method Based on Feature Extraction. IEEE, Second International Workshop on Computer Science and Engineering (2009)
- [8] Li Z., Lei J., Wang L., Li D.: A Data Mining Approach to Generating Network Attack Graph for Intrusion Prediction. IEEE, Fourth International Conference on Fuzzy Systems and Knowledge Discovery (2007)
- [9] Li Z., Lei J., Wang L., Li D.: Assessing Attack Threat by the Probability of Following Attacks. IEEE, International Conference on Networking, Architecture, and Storage (2007)
- [10] Bayoglu B., Soğukpınar I.: Graph based signature classes for detecting polymorphic worms via content analysis. Elsevier, Computer Networks 56 832–844 (2012)
- [11] Kayacik, H.G., Zincir-Heywood, A.N., Heywood, M.L. (2006). Selecting Features for Intrusion Detection: A Feature Analysis on KDD 99 Intrusion Detection Datasets.
- [12] Olusola, A.A., Oladele, A.S., Abosede, D.O.: Analysis of KDD’99 Intrusion Detection Dataset for Selection of Relevance Features. In Proceedings of the World Congress on Engineering and Computer Science (Vol. 1, pp. 20-22) (2010, October).
- [13] Kim, B. J., & Kim, I. K.: Robust Real-time Intrusion Detection System. International Journal of Information Processing Systems Vol. 1, No. 1 (2005)
- [14] Sindhu, S. S. S., Geetha, S., Marikannan, M., Kannan, A.: A neuro-genetic based short-term forecasting framework for network intrusion prediction system. International Journal of Automation and Computing, 6(4), 406-414 (2009).
- [15] Yu, Z., Tsai, J. J., & Weigert, T.: An adaptive automatically tuning intrusion detection system. ACM Transactions on Autonomous and Adaptive Systems (TAAS), 3(3), 10. (2008)
- [16] KDD-cup data set, Available at URL http://kdd.ics.uci.edu/databases/kddcup99/ kddcup99.html (2004)
Details
| Other ID | JA37KY63UJ |
|---|---|
| Journal Section | Makaleler(Araştırma) |
| Authors | |
| Publication Date | June 24, 2016 |
| Published in Issue | Year 2013 Volume: 6 Issue: 1 |
Cite
Article Acceptance
Use user registration/login to upload articles online.
The acceptance process of the articles sent to the journal consists of the following stages:
1. Each submitted article is sent to at least two referees at the first stage.
2. Referee appointments are made by the journal editors. There are approximately 200 referees in the referee pool of the journal and these referees are classified according to their areas of interest. Each referee is sent an article on the subject he is interested in. The selection of the arbitrator is done in a way that does not cause any conflict of interest.
3. In the articles sent to the referees, the names of the authors are closed.
4. Referees are explained how to evaluate an article and are asked to fill in the evaluation form shown below.
5. The articles in which two referees give positive opinion are subjected to similarity review by the editors. The similarity in the articles is expected to be less than 25%.
6. A paper that has passed all stages is reviewed by the editor in terms of language and presentation, and necessary corrections and improvements are made. If necessary, the authors are notified of the situation.
.
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.