A user-oriented ontology-based approach for network intrusion detection

A new approach is suggested for designing and developing an intrusion detection application where the domain expertise is used for generating it more easily. This approach uses ontologies as a way of grasping the knowledge of a domain, expressing the intrusion detection system much more in terms of the end users domain, generating the intrusion detection more easily and performing intelligent reasoning. Furthermore, ontologies are also used as a conceptual modeling tool allowing a non-expert person to model his/her intrusion detection application only using the concepts of intrusion detection more intuitively and more user-oriented towards his/her domain expertise. (C) 2007 Published by Elsevier B.V.