• DocumentCode
    2449385
  • Title

    A Knowledge-Based Approach to Intrusion Detection Modeling

  • Author

    More, Sagar ; Matthews, Mark ; Joshi, Akanksha ; Finin, Tim

  • Author_Institution
    Comput. Sci. & Electr. Eng, Univ. of Maryland, Baltimore, MD, USA
  • fYear
    2012
  • fDate
    24-25 May 2012
  • Firstpage
    75
  • Lastpage
    81
  • Abstract
    Current state-of-the-art intrusion detection and prevention systems (IDPS) are signature-based systems that detect threats and vulnerabilities by cross-referencing the threat or vulnerability signatures in their databases. These systems are incapable of taking advantage of heterogeneous data sources for analysis of system activities for threat detection. This work presents a situation-aware intrusion detection model that integrates these heterogeneous data sources and builds a semantically rich knowledge base to detect cyber threats/vulnerabilities.
  • Keywords
    Internet; ontologies (artificial intelligence); security of data; text analysis; Web-text analysis; cyber threats; heterogeneous data sources; intrusion detection and prevention systems; intrusion detection modeling; ontology knowledge-based approach; signature-based systems; situation-aware intrusion detection model; threat detection; vulnerability signatures; Cognition; Databases; Intrusion detection; Knowledge based systems; Monitoring; Ontologies; Semantics; information extraction; intrusion detection; ontology; security; vulnerability;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Security and Privacy Workshops (SPW), 2012 IEEE Symposium on
  • Conference_Location
    San Francisco, CA
  • Print_ISBN
    978-1-4673-2157-0
  • Type

    conf

  • DOI
    10.1109/SPW.2012.26
  • Filename
    6227687