2013 International Conference on Risks and Security of Internet and Systems (CRiSIS) 2013
DOI: 10.1109/crisis.2013.6766352

Semantic-based context-aware alert fusion for distributed Intrusion Detection Systems

Cited by 18 publications (19 citation statements)
References 14 publications
“…Ontologies have proven to be powerful tools to specify and structure knowledge, to model behaviours schematically, or to provide formal specification of different entities in a system and their relationships. Other researchers [2,8,9] have used ontologies to represent contextual information. For instance, in [9], the authors tackle the problem of adding contextual information in the smart car domain.…”
Section: Related Work (mentioning)
confidence: 99%
“…Current IDSs utilise measurable network traffic information from the protected system or signatures of known attacks during the intrusion detection process, but these systems do not take into account available high-level information (i.e. above the network operation) regarding the protected system to improve their effectiveness [2].…”
Section: Introduction (mentioning)
confidence: 99%
“…For instance, the authors of [1] propose a security ontologies-based approach to add context information into a process that fuses the outcome of heterogeneous distributed IDSs. By using this high-level information, the authors are able to reduce the number of false positive alerts.…”
Section: Related Work (mentioning)
confidence: 99%
“…above the network operation) regarding the protected system [1]. As we previously discussed in [2], the next generation of IDSs should incorporate contextual information, situational awareness and cognitive information, pertaining to the experts' judgment on the network behaviour within the intrusion detection process.…”
Section: Introduction (mentioning)
confidence: 99%
“…Sadighian et al [127] propose an alert fusion approach that incorporates public vulnerability data (CVE, NVD) and contextual attack information such as network configurations, host settings, application requirements, and user-specific configurations. This data is retrieved from a dedicated configuration management system.…”
Section: Siem-like Systems (mentioning)
confidence: 99%