Ontology-based Distributed Intrusion Detection System

被引:23
作者
Abdoli, F. [1 ]
Kahani, M. [1 ]
机构
[1] Ferdowsi Univ Mashhad, Commun & Comp Res Ctr, Mashhad, Iran
来源
2009 14TH INTERNATIONAL COMPUTER CONFERENCE | 2009年
关键词
Ontology; Intrusion Detection System; Denial of Service attack;
D O I
10.1109/CSICC.2009.5349372
中图分类号
TP301 [理论、方法];
学科分类号
081202 ;
摘要
In this paper we discussed about utilizing methods and techniques of semantic web in the Intrusion Detection Systems. To extract semantic relations between computer attacks and intrusions in a Distributed Intrusion Detection System, we use ontology. Prot g software is our selected software for building ontology. In addition, we utilized Jena framework to make interaction between MasterAgent and attacks ontology. Our Distributed Intrusion Detection System is a network which contains some IDSagents and a special MasterAgent. MasterAgent contains our proposed attacks ontology. Every time a IDSagent detects an attack or new suspected condition, it sends detection's report for MasterAgent. Therefore, it can extract the semantic relationship among computer attacks and suspected situations in the network with proposed ontology. Finally, the experience shows that the pruposed system reduced the rate of false positive and false negative.
引用
收藏
页码:65 / +
页数:3
相关论文
共 25 条
[1]  
AGARWAL R, 2000, 00015 TR U MINN DEPR
[2]  
ANAGNOSTOPOULOS T, 2005, ICPS 05
[3]  
DU Y, IEEE 2004
[4]  
Gomez J, 2001, P 2002 IEEE WORKSH I
[5]  
GUAN Y, 2003, P CAN C EL COMP ENG
[6]   STATE TRANSITION ANALYSIS - A RULE-BASED INTRUSION DETECTION APPROACH [J].
ILGUN, K ;
KEMMERER, RA ;
PORRAS, PA .
IEEE TRANSACTIONS ON SOFTWARE ENGINEERING, 1995, 21 (03) :181-199
[7]  
ILGUN K, 1995, IEEE T SOFTWARE ENG, V2
[8]  
KLAUS M, 2005, IDS INTRUSION DETECT
[9]  
LAIT LR, 1993, DF PROPOSED DATA FOR
[10]   A data mining framework for building intrusion detection models [J].
Lee, W ;
Stolfo, SJ ;
Mok, KW .
PROCEEDINGS OF THE 1999 IEEE SYMPOSIUM ON SECURITY AND PRIVACY, 1999, :120-132
123