Enhanced Correlation in an Intrusion Detection Process
[chapter]
2003
Lecture Notes in Computer Science
Generally, the intruder must perform several actions, organized in an intrusion scenario, to achieve his or her malicious objective. ...
When an intruder begins his intrusion, we can deduce, from the alerts generated by IDSs, several possible scenarios, by correlating attacks, that leads to multiple intrusion objectives. ...
Section 4 presents the weighted correlation approach. 2 Modelling the intrusion In order to model the intrusion process, we extend the material defined in [CM02]. ...
doi:10.1007/978-3-540-45215-7_13
fatcat:okqkcx4xp5dypg5weuqusl5wya
Towards Improved Random Forest based Feature Selection for Intrusion Detection in Smart IOT Environment
2019
VOLUME-8 ISSUE-10, AUGUST 2019, REGULAR ISSUE
In this investigation, Kaggle dataset is measured as benchmark dataset for detecting intrusion is considered initially. These dataset includes 41 essential attributes for intrusion identification. ...
Henceforth, feature extraction using machine learning approaches for modelling of Intrusion detection system (IDS) have been cast off for identification of threats in IoT devices. ...
This work defines a pre-processing phase of an intrusion detection system using anticipated IW-RFI method. 3. ...
doi:10.35940/ijitee.f1446.0981119
fatcat:3pwdo5khtnam3imeazb4xr7pzy
Intrusion detection and Big Heterogeneous Data: a Survey
2015
Journal of Big Data
Attempts to use more heterogeneous data sources pose an even greater Big Data challenge. Big Data technologies for Intrusion Detection can help solve these Big Heterogeneous Data challenges. ...
Intrusion Detection has been heavily studied in both industry and academia, but cybersecurity analysts still desire much more alert accuracy and overall threat analysis in order to secure their systems ...
In these studies, a prevailing theme is that more diverse heterogeneous sources will enhance Intrusion Detection capabilities through event correlation and a better comprehension of situational awareness ...
doi:10.1186/s40537-015-0013-4
fatcat:gkwznr3t5naznhc56nwkikimpm
OSCIDS: An Ontology based SCADA Intrusion Detection Framework
2016
Proceedings of the 13th International Joint Conference on e-Business and Telecommunications
This paper presents the design, development, and validation of an ontology based SCADA intrusion detection system. ...
The proposed system analyses SCADA network communications and can derive additional information based on the background knowledge and ontology models to enhance the intrusion detection data. ...
An ontology can provide several advantages and enables enhanced information analysis to the intrusion detection task. ...
doi:10.5220/0005969803270335
dblp:conf/secrypt/BalushiMS16
fatcat:cbxqpqjfnra5vdbnul25kngggq
Optimizing the Effectiveness of Intrusion Detection System by using Pearson Correlation and Tune Model Hyper Parameter on Microsoft Azure Platform
2020
International Journal of Advanced Trends in Computer Science and Engineering
The findings show that the implementation of classifier algorithm and Pearson correlation for an intrusion detection system has been able to improve the effectiveness of intrusion detection system in terms ...
This paper studies the effectiveness of implementing classifier algorithm and Pearson correlation for an intrusion detection system. ...
The proposed method, Pearson Correlation with further enhancement by Tune Model Hyperparameter were designed to improve traditional IDS systems in terms of accuracy, detection rate, and building normal ...
doi:10.30534/ijatcse/2020/1991.32020
fatcat:rm6r7lx6sjhjtdubvpaqhaqcsu
Alert Correlation for Cyber-Manufacturing Intrusion Detection
2019
Procedia Manufacturing
In this context, capacity optimization goes beyond the traditional aim of capacity maximization, contributing also for organization's profitability and value. ...
The study of capacity optimization and costing models is an important research topic that deserves contributions from both the practical and theoretical perspectives. ...
method defined, an alert correlation process provides a high-level view on the correlating process in a CMS environment. ...
doi:10.1016/j.promfg.2019.06.197
fatcat:uprffw3rbfe35ljhtkipuuseze
Improving the Performance of Intrusion Detection System using Machine Learning based Approaches
2020
International Journal of Emerging Trends in Engineering Research
In this paper importance of machine learning is discussed because of the betterment of the intrusion detection system. ...
Using a Machine learning Intrusion detection system can make it more efficient and capable to detect new attack patterns by self-learning or acquiring knowledge. ...
In Data Set Pre Processing, all Non-Numeric and Symbolic Features are removed or exchanged as they don't have any major part to play in the process of Intrusion Detection. ...
doi:10.30534/ijeter/2020/09892020
fatcat:x7og7inxjvantgfdjg52qwzvt4
A Distributed Real-Time Event Correlation Architecture for SCADA Security
[chapter]
2013
IFIP Advances in Information and Communication Technology
This paper proposes an innovative event correlation mechanism for cyber threat detection, which engages a semantic event hierarchy. ...
The architecture employs a publish/subscribe mechanism, which decentralizes limited computing resources to distributed field agents in order to enhance real-time attack detection while limiting unnecessary ...
In traditional information technology (IT) systems, intrusion detection systems (IDSs) are deployed to detect network-borne attacks. ...
doi:10.1007/978-3-642-45330-4_6
fatcat:7bfefo7hn5ejnn6llirzvdqzym
Anomalies Correlation for Risk-Aware Access Control Enhancement
2018
Proceedings of the 13th International Conference on Evaluation of Novel Approaches to Software Engineering
This system must detect and analyze the correlation between anomalies since we believe that handling correlations between anomalies can reveal sophisticated intrusion scenarios in DBMS. ...
CORMSYS is composed of four main parts: (i) the Correlation Definition and Analysis subsystem; (ii) the Users Tracking subsystem; (iii) the Intrusion Scenario Identification subsystem and (iv) the Illegal ...
A correlation between anomalies underlies an elaborate scenario of policy corruption and therefore an elaborate scenario of intrusion. ...
doi:10.5220/0006766802990304
dblp:conf/enase/EvinaAJB18
fatcat:bmntox3ma5dg3jdrrbqdtrs3fq
Hybridized Design For Feature Optimization and Reduction of Intrusion Detection Systems Alert in a Correlation Framework
2020
International Journal of Innovative Science and Research Technology
The Intrusion Detection System (IDS) produces a large number of alerts. ...
An improved hybridized model was developed to assess and reduce IDS alerts using the combination of the Genetic Algorithm (GA) and Support Vector Machine (SVM) Algorithm in a correlation framework. ...
INTRUSION DETECTION SYSTEM Intrusion Detection System (IDS) plays an important key role in information security in that, it detects intrusions by using the audit data created by systems. ...
doi:10.38124/ijisrt20jul783
fatcat:j7hgqa2bkjethphjx2dmk6mqda
A Blacklist Process Model to Enhance the IDS Using Similarity Measurements
2015
Journal of Internet Technology and Secured Transaction
Nowadays, Intrusion Detection Systems (IDSs) are used as main security perspective in order to detect any breaches and to measures security level for most of the organizations. ...
The purpose of this paper is to introduce a new blacklist model in order to enhance the accuracy of the IDS. ...
Most intrusion analysis approaches are based on alert correlation techniques. ...
doi:10.20533/jitst.2046.3723.2015.0052
fatcat:dv4y5hrcqfg6rgwjtkhmtrxk4e
Integrated Intrusion Detection Approach for Cloud Computing
2016
Indian Journal of Science and Technology
Objectives: Intrusion Detection System (IDS) models and methods are integrated for better detection of intruders and mitigation of false alarms. ...
Integrated IDS is proposed to provide security in a cloud environment. ...
Here Snort is installed in an intrusion detection mode. New rules are updated in the snort knowledge base while new attacks detected. ...
doi:10.17485/ijst/2016/v9i22/95170
fatcat:3eh655jbtragvlfqclpk2dkf2i
A collaborative framework for intrusion detection (C-NIDS) in Cloud computing
2016
2016 2nd International Conference on Cloud Computing Technologies and Applications (CloudTech)
In order to solve these problems, we propose a Collaborative Network Intrusion Detection System (C-NIDS) to detect network attacks in Cloud by monitoring network traffic, while offering high accuracy by ...
addressing newer challenges, namely, intrusion detection in virtual network, monitoring high traffic, scalability and resistance capability. ...
For this, the intrusion detection systems (IDS) come into play. It serves to automating the process of intrusion detection. ...
doi:10.1109/cloudtech.2016.7847708
fatcat:ppx3j7pbabfcrd2snoyfvvxuha
Enhancing Collaborative Intrusion Detection Methods Using a Kademlia Overlay Network
[chapter]
2012
Lecture Notes in Computer Science
The two important problems of collaborative intrusion detection are aggregation and correlation of intrusion events. ...
In this article we show that a distributed hash table based approach can reduce both network and computational load of intrusion detection, while providing almost the same accuracy of detection as centralized ...
The work reported in the paper has been developed in the framework of the project "Talent care and cultivation in the scientific workshops of BME". ...
doi:10.1007/978-3-642-32808-4_6
fatcat:tohgx4hv3rd73o4fah3bg3lm6i
Intrusion Monitoring in Process Control Systems
2009
2009 42nd Hawaii International Conference on System Sciences
Also, we leverage some of the characteristics of process control systems such as the regularity of network traffic patterns to perform intrusion detection, with the potential to detect unknown attacks. ...
To protect process control networks from cyber intrusions, preventive security measures such as perimeter defenses (for example, network firewalls and demilitarized zones) and secure versions of process ...
This report was prepared as an account of work sponsored by an agency of the United States Government. ...
doi:10.1109/hicss.2009.273
dblp:conf/hicss/ValdesC09
fatcat:p2cvzzjhv5hp7hmgwxu6droe4e