Advertisement

Implementation of an IP Management and Risk Assessment System Based on PageRank

  • Chia-Ling HouEmail author
  • Cheng-Chung KuoEmail author
  • I-Hsien Liu
  • Chu-Sing YangEmail author
Conference paper
Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 895)

Abstract

Recently, network technology had brought a variety of attacks on the Internet, unfortunately, no one is safe in this trend. Network managers try to find the attackers and search for the suspicious behaviors in the network connections to defend their services. Intrusion Detection System (IDS) can help network managers to find out the network attacks, but for some special cases, IDS has its limitation. Proposed system integrated network-based IDS (NIDS) and host-based IDS (HIDS) to detect the suspicious behavior and assess the risk value of each IP. This research is dedicated to separating attacks and suspicious behaviors analysis by network-based IDS and host-based IDS. Furthermore, the proposed system will also find the relations among suspicious IP by using the modified PageRank algorithm and correlate the events to estimate the risk for each IP. The ranking of each IP represent the risk level and network managers can protect the hosts by the ranking. The experiment results show that the proposed system can achieve the goal of managing attack and tracking the suspicious ones. It can help users to take appropriate action in time.

Keywords

NIDS HIDS Risk assessment 

References

  1. 1.
    Ehrenfeld, J.M.: Wannacry, cybersecurity and health information technology: a time to act. J. Med. Syst. 41(7), 104 (2017)CrossRefGoogle Scholar
  2. 2.
    Narayanaswamy, K., Burns, B., Manthena, V.R.R.: Protecting against distributed network flood attacks. U.S. Patent No. 8,789,173, 22 July 2014Google Scholar
  3. 3.
    Sabahi, F., Movaghar, A.: Intrusion detection: a survey. In: 2008 Third International Conference on Systems and Networks Communications (2008)Google Scholar
  4. 4.
    Lazarevic, A., Kumar, V., Srivastava, J.: Intrusion detection: a survey. In: Kumar, V., Srivastava, J., Lazarevic, A. (eds.) Managing Cyber Threats, pp. 19–78. Springer, Boston (2005)CrossRefGoogle Scholar
  5. 5.
    Liao, H., Lin, C.R., Lin, Y., Tung, K.: Intrusion detection system: a comprehensive review. J. Netw. Comput. Appl. 36(1), 16–24 (2013)CrossRefGoogle Scholar
  6. 6.
    Vokorokos, L., Balaz, A.: Host-based intrusion detection system. In: 2010 IEEE 14th International Conference on Intelligent Engineering Systems (2010)Google Scholar
  7. 7.
    Vigna, G., Kemmerer, R.: NetSTAT: a network-based intrusion detection system. J. Comput. Secur. 7(1), 37–71 (1999)CrossRefGoogle Scholar
  8. 8.
    Data Mining: Concepts and Techniques. Liacs.leidenuniv.nl (2018). http://liacs.leidenuniv.nl/~bakkerem2/dbdm2007/05_dbdm2007_Data%20Mining.pdf. Accessed 10 Oct 2018
  9. 9.
    Page, L., et al.: The PageRank citation ranking: bringing order to the web. Stanford InfoLab (1999)Google Scholar
  10. 10.
    ISO 31000:2018. Iso.org (2018). https://www.iso.org/obp/ui/#iso:std:iso:31000:ed-2:v1:en. Accessed 3 Oct 2018
  11. 11.
    Li, S., et al.: An improved information security risk assessments method for cyber-physical-social computing and networking. IEEE Access 6, 10311–10319 (2018)CrossRefGoogle Scholar
  12. 12.
    Codetta-Raiteri, D., Portinale, L.: Decision networks for security risk assessment of critical infrastructures. ACM Trans. Internet Technol. (TOIT) 18(3), 29 (2018)CrossRefGoogle Scholar
  13. 13.
    Tseng, D., Yang, C.: A NetFlow based malicious traffic detection research using XGBoost. Cheng Kung University, Institute of Computer and Communication Engineering (2018)Google Scholar
  14. 14.
    Kuo, C., Yang, C.: Design and implementation of a network intrusion detection system based on NetFlow. Cheng Kung University, Institute of Computer and Communication Engineering (2015)Google Scholar
  15. 15.
    Yao, S., Yang, C.: Design and implementation of a host-based intrusion detection system for Linux-based web server on signature-based approach. Cheng Kung University, Institute of Computer and Communication Engineering (2018)Google Scholar

Copyright information

© Springer Nature Switzerland AG 2020

Authors and Affiliations

  1. 1.Institute of Computer and Communication Engineering, Department of Electrical EngineeringNational Cheng Kung UniversityTainanTaiwan

Personalised recommendations