Context-Aware Intrusion Alerts Verification Approach

Cited by: 0
Authors
Saad, Sherif [1]
Traore, Issa [1]
Brocardo, Marcelo Luiz [1]
Affiliation
[1] Univ Victoria, Elect & Comp Engn, Victoria, BC V8W 2Y2, Canada
Keywords
Alert Verification; Intrusion Detection; Context-Aware; Semantic Similarity; False Positive; TAXONOMY;
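DOI
Not available
Chinese Library Classification number
TP [Automation technology, computer technology];
Discipline classification code
0812;
Abstract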
Intrusion detection systems (IDSs) produce a massive number of intrusion alerts. A huge number of these alerts are false positives. Investigating false positive alerts is an expensive and time-consuming process, and as such represents a significant problem for intrusion analysts. This shows the need for automated approaches to eliminate false positive alerts. In this paper, we propose a novel alert verification and false positives reduction approach. The proposed approach uses context-aware and semantic similarity to filter IDS alerts and eliminate false positives. Evaluation of the approach with an IDS dataset that contains a massive number of IDS alerts yields strong performance in detecting false positive alerts.
Pages: 53 / 59
Number of pages: 7
Related papers
50 in total
  • [41] Context-Aware Intrusion Detection in Mobile Ad-Hoc Networks
    Chandran, R. S. Ambili
    Bhanu, S. Mary Saira
    INFORMATION PROCESSING AND MANAGEMENT, 2010, 70 : 458 - 460
  • [42] A context-aware on-board intrusion detection system for smart vehicles
    Micale, Davide
    Matteucci, Ilaria
    Fenzl, Florian
    Rieke, Roland
    Patane, Giuseppe
    INTERNATIONAL JOURNAL OF INFORMATION SECURITY, 2024, 23 (03) : 2203 - 2223
  • [43] A bargaining approach for disseminating context information to context-aware services
    Badidi, Elarbi
    Lecture Notes in Electrical Engineering, 2015, 312 : 271 - 279
  • [44] Learning Context-aware Latent Representations for Context-aware Collaborative Filtering
    Liu, Xin
    Wu, Wei
    SIGIR 2015: PROCEEDINGS OF THE 38TH INTERNATIONAL ACM SIGIR CONFERENCE ON RESEARCH AND DEVELOPMENT IN INFORMATION RETRIEVAL, 2015, : 887 - 890
  • [45] A Situation-Aware Approach for Dealing with Uncertain Context-Aware Paradigm
    Lin, Xiangtao
    Cheng, Bo
    Chen, Junliang
    GLOBECOM 2009 - 2009 IEEE GLOBAL TELECOMMUNICATIONS CONFERENCE, VOLS 1-8, 2009, : 1880 - 1885
  • [46] Context-aware agent platform in ubiquitous environments and its verification tests
    Hattori, Masanori
    Cho, Kenta
    Ohsuga, Akihiko
    Isshiki, Masao
    Honiden, Shinichi
    Systems and Computers in Japan, 2004, 35 (07) : 13 - 23
  • [47] Context-aware agent platform in ubiquitous environments and its verification tests
    Hattori, M
    Cho, K
    Ohsuga, A
    Isshiki, M
    Honiden, S
    PROCEEDINGS OF THE FIRST IEEE INTERNATIONAL CONFERENCE ON PERVASIVE COMPUTING AND COMMUNICATIONS (PERCOM 2003), 2003, : 547 - 552
  • [48] Context-aware payment for supply chains: Software architecture and formal verification
    Zamani, Zahra
    Bayat, Maryam
    Moeini, Ali
    Motevalian, Alireza
    WORLD CONGRESS ON ENGINEERING 2008, VOLS I-II, 2008, : 211 - +
  • [49] Context-aware local Intrusion Detection in SCADA systems: a testbed and two showcases
    Chromik, Justyna J.
    Pilch, Carina
    Brackmann, Pascal
    Duhme, Christof
    Everinghoff, Franziska
    Giberlein, Artur
    Teodorowicz, Thomas
    Wieland, Julian
    Haverkort, Boudewijn R.
    Remke, Anne
    2017 IEEE INTERNATIONAL CONFERENCE ON SMART GRID COMMUNICATIONS (SMARTGRIDCOMM), 2017, : 467 - 472
  • [50] Supporting context-aware mobile applications: An infrastructure approach
    van Sinderen, Marten J.
    van Halteren, Aart T.
    Wegdam, Maarten
    Meeuwissen, Hendrik B.
    Eertink, E. Henk
    IEEE COMMUNICATIONS MAGAZINE, 2006, 44 (09) : 96 - 104