Skip to main content
Conference Proceedings

A CBR engine adapting to IDS

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (2005) 3802 LNAI 334-339
DOI: 10.1007/11596981_50
1Citations
Citations of this article
5Readers
Mendeley users who have this article in their library.
Get full text

Abstract

CBR is one of the most important artificial intelligence methods. In this paper, it is introduced to detect the variation of known attacks and to reduce the false negative rate in rule based IDS. After briefly describes the basic process of CBR and the methods of describing case and constructing case base by rules of IDS, this paper focuses on the CBR engine. A new CBR engine adapting to IDS is designed because the common CBR engines cannot deal with the specialties of intrusion cases in IDS. The structure of the new engine is described by class graph, and the core class as well as the similarity algorithm adopted by it is analyzed. At last, the results of testing the new engine on Snort are shown, and the validity of the engine is substantiated. © Springer-Verlag Berlin Heidelberg 2005.

Cite

CITATION STYLE

APA

Li, L., Tang, W., & Wang, R. (2005). A CBR engine adapting to IDS. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 3802 LNAI, pp. 334–339). Springer Verlag. https://doi.org/10.1007/11596981_50

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free