Title
Ontology Based Cooperative Intrusion Detection System
Abstract
As malicious intrusions span sites more frequently, network security plays a vital role on the Internet. Intrusion detection systems (IDSs) are expected to provide powerful protection against malicious behavior. However, high false negative and false positive rates prevent intrusion detection systems from being used in practice. After a survey of present intrusion detection systems, we believe more accurate and efficient detection results can be obtained by using multi-sensor cooperative detection. To aid cooperative detection, an ontology consisting of attribute nodes and value nodes is presented after an analysis of IDS rules and various classes of computer intrusions. On the basis of the ontology, a matchmaking method is given to improve the flexibility of detection. A cooperative detection framework based on the ontology is also discussed. The ontology proposed in the paper has two advantages. First, it makes detection more flexible, and second, it provides global locality information to support cooperation.
| Year | DOI | Venue |
| --- | --- | --- |
| 2004 | 10.1007/978-3-540-30141-7_59 | LECTURE NOTES IN COMPUTER SCIENCE |
| Keywords | Field | DocType |
| --- | --- | --- |
| null | Ontology, Data mining, Locality, Computer science, Sensor array, Network security, Anomaly-based intrusion detection system, Intrusion prevention system, Artificial intelligence, Intrusion detection system, Distributed computing, The Internet | Conference |
| Volume | Issue | ISSN |
| --- | --- | --- |
| 3222 | 07 | 0302-9743 |
| Citations | PageRank | References |
| --- | --- | --- |
| 4 | 0.54 | 4 |
Authors: 4

| Name | Order | Citations | PageRank |
| --- | --- | --- | --- |
| Yanxiang He | 1 | 568 | 68.23 |
| Wei Chen | 2 | 86 | 12.45 |
| Min Yang | 3 | 138 | 17.35 |
| Wenling Peng | 4 | 12 | 1.94 |