Abstract—Computer security is essential in information technology world today; confidentiality, availability and integrity of data are the aspects concerned. Firewall has been widely deployed as a protection but it is no longer adequate to against the intelligent intrusions and attacks which keep changing and transforming. A network intrusion detection and analysis system has been introduced in this paper to resolve the problems of data confidentiality, availability and integrity. The challenge of the study is; first, to model the network intrusion detection domain and second, to perform causal reasoning for intrusion detection and analysis based on the domain model constructed earlier. In this paper, a methodology has been proposed to resolve the two problems mentioned above. Both problems will be addressed under causal knowledge driven approach where intrusion detection is viewed as fault diagnosis and prognosis processes. We have proposed Bayesian network for the modeling of network intrusion domain. Also, powerful reasoning capabilities of Bayesian network have been applied to discover intrusion attacks. Since the capabilities of causal reasoning using Bayesian network have not been fully discovered in the domain of intrusion detection by most of the researchers before, this research work is to bridge the gap. From the results of the experiment, we have concluded that the capability of Bayesian learning is reasonably accurate and efficient.
Index Terms—Bayesian network, causal discovery, causal reasoning, intrusion detection, soft computing.
Y.Y Wee is with the Multimedia University, Jalan Ayer Keroh Lama 75450 Bukit Beruang Melaka Malaysia. (e-mail: email@example.com). W.P Cheah is with the Multimedia University, Jalan Ayer Keroh Lama 75450 Bukit Beruang Melaka Malaysia. (e-mail: firstname.lastname@example.org). S.C Tan is with the Multimedia University, Jalan Ayer Keroh Lama 75450 Bukit Beruang Melaka Malaysia. (e-mail: email@example.com). K.K Wee is with the Multimedia University, Jalan Ayer Keroh Lama 75450 Bukit Beruang Melaka Malaysia. (e-mail: firstname.lastname@example.org).
Cite: Yit Yin Wee, Wooi Ping Cheah, Shing Chiang Tan and KuokKwee Wee, "Causal Discovery and Reasoning for Intrusion Detection using Bayesian Network," International Journal of Machine Learning and Computing vol. 1, no. 2, pp. 185-192 , 2011.