Abstract: Because of the high false acceptance rate and false alarm rate of IDS, this paper proposes a Bayesian Information Criterion(BIC) scoring Bayesian network model, which makes use of BIC scoring function and mountain-climb searching algorithm, and weakens the strong independence relation assumption of Naive Bayes. It offers an experimental study and analysis, which shows that this improved Bayes network model enhances the detection precision in recognition of DoS and Probe attacks

Key words: Bayesian network, BIC scoring function, intrusion detection system

摘要： 针对入侵检测系统漏报率、误报率高的缺点，以贝叶斯信息标准(BIC)评分函数为尺度，结合爬山搜索算法，降低朴素贝叶斯网络模型的强独立性假设，提出更符合实际情形的BIC评分贝叶斯网络模型。对模型进行验证和性能分析，实验结果表明，基于BIC评分函数的贝叶斯网络模型对行为特征渐变的DoS攻击和刺探攻击具有较高识别率。

关键词: 贝叶斯网络, BIC评分函数, 入侵检测系统

CLC Number: 

• TP393.08