Internet Archive Scholar

Visualization of Misuse-Based Intrusion Detection: Application to Honeynet Data [chapter]

Urko Zurutuza, Enaitz Ezpeleta, Álvaro Herrero, Emilio Corchado
2011 Advances in Intelligent and Soft Computing  

Preserved Fulltext

fulltext thumbnail
Web Archive Capture PDF (300.5 kB)
https://web.archive.org/web/20200309222430/https://gredos.usal.es/bitstream/handle/10366/134899/visualization_of_misuse-based_intrusion_detection_application_to_honeynet_data.pdf;jsessionid=5BBFE329205990E73A547999E85BF4DB?sequence=1

A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL. The file type is application/pdf.

This study presents a novel soft computing system that provides network managers with a synthetic and intuitive representation of the situation of the monitored network, in order to reduce the widely known high false-positive rate associated to misuse-based Intrusion Detection Systems (IDSs). The proposed system is based on the use of different projection methods for the visual inspection of honeypot data, and may be seen as a complementary network security tool that sheds light on internal
more » ... structures through visual inspection. Furthermore, it is intended to understand the performance of Snort (a well-known misuse-based IDS) through the visualization of attack patterns. Empirical verification and comparison of the proposed projection methods are performed in a real domain where real-life data are defined and analyzed.
doi:10.1007/978-3-642-19644-7_59 dblp:conf/softcomp/ZurutuzaEHC11 fatcat:7fvqyriy6nhi3i3zvins76byri
Citation

Urko Zurutuza, Enaitz Ezpeleta, Álvaro Herrero, Emilio Corchado. "Visualization of Misuse-Based Intrusion Detection: Application to Honeynet Data." Advances in Intelligent and Soft Computing (2011) 561-570