2008 | OriginalPaper | Book chapter
Using Attacks Ontology in Distributed Intrusion Detection System
Written by: F. Abdoli, M. Kahani
Published in: Advances in Computer and Information Sciences and Engineering
Publisher: Springer Netherlands
In this paper we discuss applying the methods and techniques of the Semantic Web to Intrusion Detection Systems. We study the use of an ontology in a Distributed Intrusion Detection System to extract semantic relations between computer attacks and intrusions. We used the Protégé software to build an ontology that specifies computer attacks and intrusions. Our Distributed Intrusion Detection System is a network of systems, each of which has its own Intrusion Detection System, plus a special central system that contains our proposed attacks ontology. Whenever a system detects an attack or a new suspected situation, it sends a detection report to the central system. With this ontology, the central system can extract the semantic relationships among computer attacks and suspected situations in the network, decide about them better, and consequently reduce the rate of false positives and false negatives in Intrusion Detection Systems.