Intrusion Prediction Systems

  • Chapter
Information Fusion for Cyber-Security Analytics

Part of the book series: Studies in Computational Intelligence (SCI, volume 691)

Abstract

In recent years, cyberattacks have increased rapidly in both volume and diversity. Despite the existence of advanced cyber-defence systems, attacks and intrusions still occur. Defence systems try to block previously known attacks, stop ongoing attacks and detect attacks that have already occurred. However, the damage caused by an attack is often catastrophic. Consequently, the need for improved intrusion detection systems and for robust prediction systems is now more urgent. In this chapter, we investigate intrusion prediction systems to show the need for such systems, the insufficiency of current intrusion detection systems and how prediction will improve the security capabilities of defence systems. A survey of intrusion prediction systems in cybersecurity, together with the working concepts and methods used in these systems, is presented.

Author information

Corresponding author

Correspondence to Mohamed Abdlhamed.

Copyright information

© 2017 Springer International Publishing Switzerland

About this chapter

Cite this chapter

Abdlhamed, M., Kifayat, K., Shi, Q., Hurst, W. (2017). Intrusion Prediction Systems. In: Alsmadi, I., Karabatis, G., Aleroud, A. (eds) Information Fusion for Cyber-Security Analytics. Studies in Computational Intelligence, vol 691. Springer, Cham. https://doi.org/10.1007/978-3-319-44257-0_7

  • DOI: https://doi.org/10.1007/978-3-319-44257-0_7

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-44256-3

  • Online ISBN: 978-3-319-44257-0

  • eBook Packages: Engineering, Engineering (R0)
