False positive reduction in intrusion detection system: A survey

Abouabdalla, Omar; El-Taj, Homam; Manasrah, Ahmed M.; Ramadass, Sureswaran

doi:10.1109/icbnmt.2009.5348536

Cited by 13 publications

(2 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The proposed model comprises three major components: The Network Intrusion Detection Component, the Mobile Agent Platform, and distributed sensors residing on every device in the network segment [9].…”

Section: New Mobile Agent-based Intrusion Detection Systems For Distrmentioning

confidence: 99%

See 1 more Smart Citation

Enhanced Architecture for Misconfiguration and Intrusion Detection using Centralized Rule based System

Sharma¹,

Tiwari²,

Gour³

2012

IJCA

View full text Add to dashboard Cite

Web servers and web-based applications are popular attack targets. Web servers are usually accessible through corporate firewalls. The number of reported web application vulnerabilities is increasing dramatically. Thus the task of securing web applications is one of the most urgent. On the other hand traditional protection mechanisms like firewalls were not designed to protect web applications and thus do not provide adequate defense. Current attacks cannot be thwarted by just blocking ports 80 (HTTP) and 443 (HTTPS).Previously known intrusion detection systems are not efficient with more false positive alarms and more time and space complexity. In this research work a new IDS architecture is introduced which detect misconfiguration and intrusion simultaneously. There is also used a RBs (Rule Based System) which take appropriate action accordingly degree of misconfiguration. The RBs consist with predefined rule. This rules guide the system to take appropriate action. Rules are triggered as soon as it received signal for misconfigurations. The architecture designed such a way that it can handle misconfigurations and detection of intrusion simultaneously.

show abstract

Section: New Mobile Agent-based Intrusion Detection Systems For Distrmentioning

confidence: 99%

“…This work not covers mobile agent's intercommunication and negotiation which can help investigative mobile agents to share their knowledge. In addition intrusion pattern's knowledge sharing between IDS control centers can be considered for further studies [9][10].…”

Section: Distributed Intrusion Detection System Using Mobile Agentsmentioning

confidence: 99%