Hybrid Intrusion Forecasting Framework for Early Warning System

Sehun KIM  Seong-jun SHIN  Hyunwoo KIM  Ki Hoon KWON  Younggoo HAN  

Publication
IEICE TRANSACTIONS on Information and Systems   Vol.E91-D   No.5   pp.1234-1241
Publication Date: 2008/05/01
Online ISSN: 1745-1361
DOI: 10.1093/ietisy/e91-d.5.1234
Print ISSN: 0916-8532
Type of Manuscript: INVITED PAPER (Special Section on Information and Communication System Security)
Keyword: early warning system, intrusion forecasting, network security, cyber threat

Summary: 
Recently, cyber attacks have become a serious hindrance to the stability of the Internet. These attacks exploit the interconnectivity of networks, propagate in an instant, and have become more sophisticated and evolutionary. Traditional Internet security systems such as firewalls, IDS and IPS are limited in their ability to detect recent cyber attacks in advance, as these systems respond to Internet attacks only after the attacks inflict serious damage. In this paper, we propose a hybrid intrusion forecasting system framework for an early warning system. The proposed system utilizes three types of forecasting methods: time-series analysis, probabilistic modeling, and data mining. By combining these methods, it is possible to take advantage of the forecasting technique of each while overcoming their drawbacks. Experimental results show that the hybrid intrusion forecasting method outperforms each of the three forecasting methods.