DIPS: A Framework for Distributed Intrusion Prediction and Prevention Using Hidden Markov Models and Online Fuzzy Risk Assessment

I
IAS
2007
2007 The Third International Symposium on Information Assurance and Security
Abstract - DIPS: A Framework for Distributed Intrusion Prediction and Prevention Using Hidden Markov Models and Online Fuzzy Risk Assessment

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Kjetil Haslum Articles by Ajith Abraham Articles by Svein Knapskog

2007 The Third International Symposium on Information Assurance and Security

Manchester, United Kingdom

August 29-August 31

ISBN: 0-7695-2876-7

	ASCII Text	x
	Kjetil Haslum, Ajith Abraham, Svein Knapskog, "DIPS: A Framework for Distributed Intrusion Prediction and Prevention Using Hidden Markov Models and Online Fuzzy Risk Assessment," Information Assurance and Security, International Symposium on, pp. 183-190, 2007 The Third International Symposium on Information Assurance and Security, 2007.

	BibTex	x
	@article{ 10.1109/IAS.2007.67, author = {Kjetil Haslum and Ajith Abraham and Svein Knapskog}, title = {DIPS: A Framework for Distributed Intrusion Prediction and Prevention Using Hidden Markov Models and Online Fuzzy Risk Assessment}, journal ={Information Assurance and Security, International Symposium on}, volume = {0}, year = {2007}, isbn = {0-7695-2876-7}, pages = {183-190}, doi = {http://doi.ieeecomputersociety.org/10.1109/IAS.2007.67}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Information Assurance and Security, International Symposium on TI - DIPS: A Framework for Distributed Intrusion Prediction and Prevention Using Hidden Markov Models and Online Fuzzy Risk Assessment SN - 0-7695-2876-7 SP183 EP190 A1 - Kjetil Haslum, A1 - Ajith Abraham, A1 - Svein Knapskog, PY - 2007 KW - null VL - 0 JA - Information Assurance and Security, International Symposium on ER -

Kjetil Haslum, Norwegian University of Science and Technology, Norway

Ajith Abraham, Norwegian University of Science and Technology, Norway

Svein Knapskog, Norwegian University of Science and Technology, Norway

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/IAS.2007.67

This paper proposes a Distributed Intrusion Prevention System (DIPS), which consists of several IPS over a large network (s), all of which communicate with each other or with a central server, that facilitates advanced network monitoring. A Hidden Markov Model is proposed for sensing intrusions in a distributed environment and to make a one step ahead prediction against possible serious intrusions. DIPS is activated based on the predicted threat level and risk assessment of the protected assets. Intrusions attempts are blocked based on (1) a serious attack that has already occurred (2) rate of packet flow (3) prediction of possible serious intrusions and (4) online risk assessment of the assets possibly available to the intruder. The focus of this paper is on the distributed monitoring of intrusion attempts, the one step ahead prediction of such attempts and online risk assessment using fuzzy inference systems. Preliminary experiment results indicate that the proposed framework is efficient for real time distributed intrusion monitoring and prevention.

Citation:

Kjetil Haslum, Ajith Abraham, Svein Knapskog, "DIPS: A Framework for Distributed Intrusion Prediction and Prevention Using Hidden Markov Models and Online Fuzzy Risk Assessment," ias, pp.183-190, 2007 The Third International Symposium on Information Assurance and Security, 2007

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.