Implementation of an IP Management and Risk Assessment System Based on PageRank

Recently, network technology had brought a variety of attacks on the Internet, unfortunately, no one is safe in this trend. Network managers try to find the attackers and search for the suspicious behaviors in the network connections to defend their services. Intrusion Detection System (IDS) can help network managers to find out the network attacks, but for some special cases, IDS has its limitation. Proposed system integrated network-based IDS (NIDS) and host-based IDS (HIDS) to detect the suspicious behavior and assess the risk value of each IP. This research is dedicated to separating attacks and suspicious behaviors analysis by network-based IDS and host-based IDS. Furthermore, the proposed system will also find the relations among suspicious IP by using the modified PageRank algorithm and correlate the events to estimate the risk for each IP. The ranking of each IP represent the risk level and network managers can protect the hosts by the ranking. The experiment results show that the proposed system can achieve the goal of managing attack and tracking the suspicious ones. It can help users to take appropriate action in time.

[1]  Luigi Portinale,et al.  Decision Networks for Security Risk Assessment of Critical Infrastructures , 2018, ACM Trans. Internet Techn..

[2]  Rajeev Motwani,et al.  The PageRank Citation Ranking : Bringing Order to the Web , 1999, WWW 1999.

[3]  Jaideep Srivastava,et al.  Intrusion Detection: A Survey , 2005 .

[4]  L Vokorokos,et al.  Host-based intrusion detection system , 2010, 2010 IEEE 14th International Conference on Intelligent Engineering Systems.

[5]  Wei Chen,et al.  An Improved Information Security Risk Assessments Method for Cyber-Physical-Social Computing and Networking , 2018, IEEE Access.

[6]  Chun-Hung Richard Lin,et al.  Intrusion detection system: A comprehensive review , 2013, J. Netw. Comput. Appl..

[7]  Giovanni Vigna,et al.  NetSTAT: A Network-based Intrusion Detection System , 1999, J. Comput. Secur..

[8]  Jesse M. Ehrenfeld WannaCry, Cybersecurity and Health Information Technology: A Time to Act , 2017, Journal of Medical Systems.

[9]  Ali Movaghar-Rahimabadi,et al.  Intrusion Detection: A Survey , 2008, 2008 Third International Conference on Systems and Networks Communications.