Network intrusion detection using particle filter and Colored Petri Nets

We have investigated and proposed the particle filter concept in a network intrusion detection system and simulated it using the Colored Petri Nets tools to trace and pre-detect networking abnormal behaviors. The Network Particle Filter scheme has been proposed, which analyzes and simulates what happens during an intrusion behavior in depth. The accuracy of our simulation results is not enough good for a real work applications. In addition, the design of our network flow also does not deal with real attack cases. However, the approaches presented in this work can still be applied to the risk and cost evaluation of an IDS. The experimental results demonstrated that the CSPN model approach is still an efficient, effective and comprehensive way to evaluate an intrusion detection system.