As malicious intrusions span sites more frequently, network security plays the vital role in internet. Intrusion detection system(IDS) is expected to provide powerful protection against malicious behaviors. However, high false negative and false positive prevent intrusion detection system from practically using. After survey of present intrusion detection systems, we believe more accurate and efficient detection result can be obtained by using multi-sensor cooperative detection. To aiding cooperative detection, an ontology consisting of attribute nodes and value nodes is presented after analysis of IDSs rules and various classes of computer intrusions. On the basis of ontology, a matchmaking method is given to improve flexibility of detection. Cooperative detection framework based on the ontology is also discussed. The ontology proposed in paper has two advantages. First, it makes the detection more flexible and second it provides global locality information to support cooperation. © IFIP International Federation for Information Processing 2004.
CITATION STYLE
He, Y., Chen, W., Yang, M., & Peng, W. (2004). Ontology based cooperative intrusion detection system. Lecture Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 3222, 419–426. https://doi.org/10.1007/978-3-540-30141-7_59
Mendeley helps you to discover research relevant for your work.