Volume 4 Number 5 (Oct. 2012)
Home > Archive > 2012 > Volume 4 Number 5 (Oct. 2012) >
IJCEE 2012 Vol.4(5): 641-646 ISSN: 1793-8163
DOI: 10.7763/IJCEE.2012.V4.574

Reasoning with Cause and Effect in Intrusion Detection

Yit Yin Wee, Wooi Ping Cheah, Shing Chiang Tan, and KuokKwee Wee

Abstract—Intrusion detection is an essential tool to protect hacking and unauthorized access in computer networks nowadays. Mechanisms used to attack keep evolving as the internet technology is improving. Hence, the task of differentiating authorized and unauthorized access has become more and more challenging. The modeling of network intrusion domain and causal reasoning for the intrusion detection has been proposed in this paper to address the security issues of a network. Bayesian network modeling with causal knowledge-driven approach has been selected for a network intrusion domain. Reasoning capabilities of Bayesian network have been adapted to perform detection and analysis in the domain.There are two main problems to be addressed in this paper: the first problem is to model the network intrusion domain and the second problem is to perform causal reasoning for intrusion detection and analysis. A methodology has been proposed to solve the two problems mentioned above. Intrusion detection is viewed as fault diagnosis in causal reasoning, and the analysis of the effect is viewed as fault prognosis. To address the first problem under causal knowledge-driven approach, we propose Bayesian network for the modeling of network intrusion domain. The second problem is addressed by applying the powerful reasoning capabilities of Bayesian network. The capabilities of causal reasoning using Bayesian network have not been fully discovered in the domain of intrusion detection. This research work is to bridge the gap.

Index Terms—Soft computing, intrusion detection, Bayesiannetwork , causal discovery, causal reasoning.

The authors are with the Multimedia University, Jalan Ayer Keroh Lama75450 Bukit Beruang Melaka Malaysia. (e-mail: yywee@mmu.edu.my,wpcheah@mmu.edu.my, sctan@mmu.edu.my,wee.kuok.kwee@mmu.edu.my).

Cite: Yit Yin Wee, Wooi Ping Cheah, Shing Chiang Tan, and KuokKwee Wee, "Reasoning with Cause and Effect in Intrusion Detection," International Journal of Computer and Electrical Engineering vol. 4, no. 5, pp. 641-646, 2012.

General Information

ISSN: 1793-8163 (Print)
Abbreviated Title: Int. J. Comput. Electr. Eng.
Frequency: Quarterly
Editor-in-Chief: Prof. Yucong Duan
Abstracting/ Indexing: EI (INSPEC, IET), Ulrich's Periodicals Directory, Google Scholar, EBSCO, ProQuest, and Electronic Journals Library
E-mail: ijcee@iap.org

What's New

  • Jun 03, 2019 News!

    IJCEE Vol. 9, No. 2 - Vol. 10, No. 2 have been indexed by EI (Inspec) Inspec, created by the Institution of Engineering and Tech.!   [Click]

  • Aug 20, 2019 News!

    IJCEE Vol 11, No 3 is available online now   [Click]

  • Jun 03, 2019 News!

    IJCEE Vol. 11, No. 2 is available online now.   [Click]

  • Mar 20, 2019 News!

    IJCEE Vol. 11, No. 1 is available online now.   [Click]

  • Mar 20, 2019 News!

    The dois of published papers in Vol. 9, No. 1- Vol. 10, No. 4 have been validated by Crossref.

  • Read more>>