2004 | OriginalPaper | Chapter
Ontology Based Cooperative Intrusion Detection System
Authors : Yanxiang He, Wei Chen, Min Yang, Wenling Peng
Published in: Network and Parallel Computing
Publisher: Springer Berlin Heidelberg
Included in: Professional Book Archive
Activate our intelligent search to find suitable subject content or patents.
Select sections of text to find matching patents with Artificial Intelligence. powered by
Select sections of text to find additional relevant content using AI-assisted search. powered by
As malicious intrusions span sites more frequently, network security plays the vital role in internet. Intrusion detection system(IDS) is expected to provide powerful protection against malicious behaviors. However, high false negative and false positive prevent intrusion detection system from practically using. After survey of present intrusion detection systems, we believe more accurate and efficient detection result can be obtained by using multi-sensor cooperative detection. To aiding cooperative detection, an ontology consisting of attribute nodes and value nodes is presented after analysis of IDSs rules and various classes of computer intrusions. On the basis of ontology, a matchmaking method is given to improve flexibility of detection. Cooperative detection framework based on the ontology is also discussed. The ontology proposed in paper has two advantages. First, it makes the detection more flexible and second it provides global locality information to support cooperation.