Title :
Towards adaptive false alarm reduction using Cloud as a Service
Author :
Yuxin Meng ; Wenjuan Li ; Lam-for Kwok
Author_Institution :
Dept. of Comput. Sci., City Univ. of Hong Kong, Hong Kong, China
Abstract :
False alarms are a challenging issue for an intrusion detection system (IDS), which can significantly decrease the effectiveness of detection and heavily increase the burden on analyzing true alarms. With the advent of cloud computing, it is a big chance to mitigate this problem in such a promising environment. In our previous work, we proposed to construct an intelligent false alarm filter by selecting an appropriate algorithm in an adaptive way, whereas the additional workload may be an issue for implementation. In this paper, we begin by presenting a Generic Cloud-based Intrusion Detection Architecture (GCIDA) and we then propose a cloud-based solution to improve the false alarm reduction and reduce the workload using Cloud as a Service (CaaS). In addition, we also describe the procedures and the interactions between the Cloud nodes and the Cloud providers. Experimental results indicate that CaaS can provide sufficient computing power and greatly reduce the workload of adaptive false alarm reduction.
Keywords :
alarm systems; cloud computing; security of data; CaaS; GCIDA; IDS; adaptive false alarm reduction; cloud as a service; cloud computing; cloud nodes; cloud providers; cloud-based solution; generic cloud-based intrusion detection architecture; intelligent false alarm filter; intrusion detection system; true alarm analysis; Cloud computing; Computer architecture; Control systems; Feature extraction; IP networks; Intrusion detection; Machine learning algorithms; Cloud Environment; Cloud as a Service; False Alarm Reduction; Intrusion Detection; Network Performance;
Conference_Title :
Communications and Networking in China (CHINACOM), 2013 8th International ICST Conference on
Conference_Location :
Guilin
DOI :
10.1109/ChinaCom.2013.6694633