• DocumentCode
    579165
  • Title

    An ontology-based system to identify complex network attacks

  • Author

    Frye, Lisa ; Cheng, Liang ; Heflin, Jeff

  • Author_Institution
    Comput. Sci. Dept., Kutztown Univ., Kutztown, PA, USA
  • fYear
    2012
  • fDate
    10-15 June 2012
  • Firstpage
    6683
  • Lastpage
    6688
  • Abstract
    Intrusion Detection Systems are tools used to detect attacks against networks. Many of these attacks are a sequence of multiple simple attacks. These complex attacks are more difficult to identify because (a) they are difficult to predict, (b) almost anything could be an attack, and (c) there are a huge number of possibilities. The problem is that the expertise of what constitutes an attack lies in the tacit knowledge of experienced network engineers. Providing an ontological representation of what constitutes a network attack allows human expertise to be codified and tested. The details of this representation are explained. An implementation of the representation has been developed. Lastly, the use of the representation in an Intrusion Detection System for complex attack detection has been demonstrated using use cases.
  • Keywords
    computer network security; ontologies (artificial intelligence); complex attack detection; human expertise; identify complex network attacks; intrusion detection systems; multiple simple attacks; network engineers; ontology-based system; Availability; IP networks; Intrusion detection; OWL; Ontologies; Telecommunication traffic; Computer network security; Intrusion Detection System; Ontology;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Communications (ICC), 2012 IEEE International Conference on
  • Conference_Location
    Ottawa, ON
  • ISSN
    1550-3607
  • Print_ISBN
    978-1-4577-2052-9
  • Electronic_ISBN
    1550-3607
  • Type

    conf

  • DOI
    10.1109/ICC.2012.6364689
  • Filename
    6364689