1. A Knowledge-Based Approach to Intrusion Detection Modeling
- Author
- Sumit S. More, M. Matthews, Anupam Joshi, and Tim Finin
- Subjects
business.industry, Anomaly-based intrusion detection system, Computer science, intrusion detection, vulnerability, Vulnerability, security, Intrusion detection system, Ontology (information science), computer.software_genre, Computer security, ComputingMilieux_MANAGEMENTOFCOMPUTINGANDINFORMATIONSYSTEMS, Information extraction, Knowledge-based systems, The Internet, information extraction, ontology, UMBC Ebiquity Research Group, Intrusion prevention system, business, computer
- Abstract
Proceedings of the IEEE Workshop on Semantic Computing and Security. Current state-of-the-art intrusion detection and prevention systems (IDPS) are signature-based systems that detect threats and vulnerabilities by cross-referencing the threat or vulnerability signatures in their databases. These systems are incapable of taking advantage of heterogeneous data sources for analysis of system activities for threat detection. This work presents a situation-aware intrusion detection model that integrates these heterogeneous data sources and builds a semantically rich knowledge base to detect cyber threats/vulnerabilities.
- Published
- 2012