To increase intrusion detection accuracy and reduce the false alarm rate in cyber-security analysis, attack correlation has become an indispensable component of most intrusion detection systems. However, traditional intrusion detection techniques often fail to handle complex and uncertain network attack correlation tasks. We propose the creation of semantic networks that build relationships among network attacks and assist in automatically identifying and predicting related attacks. Our method can also increase the precision in detecting probable attacks. Experimental results show that our semantic network, using the Anderberg similarity measure, performs better in terms of precision and recall than existing correlation approaches in the cyber-security domain.
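The sketch below is an added illustration, not code from the paper. It builds a small attack semantic network from binary feature sets and looks up the attacks related to an observed one. It assumes the common binary form of the Anderberg coefficient, a / (a + 2(b + c)); the attack names, features and the 0.3 edge threshold are constructed for the example.

```python
from itertools import combinations

# Constructed sample data: each attack type is described by the set of
# binary features that are "on" for it (hypothetical, not from the paper).
ATTACKS = {
    "port_scan": {"tcp", "many_dst_ports", "short_flows", "syn_only"},
    "syn_flood": {"tcp", "syn_only", "short_flows", "high_rate",
                  "single_dst_port"},
    "ssh_bruteforce": {"tcp", "single_dst_port", "auth_failures", "high_rate"},
    "ftp_bruteforce": {"tcp", "single_dst_port", "auth_failures", "high_rate",
                       "cleartext"},
    "dns_amplification": {"udp", "high_rate", "large_responses", "spoofed_src"},
}


def anderberg(x, y):
    """Anderberg similarity, assumed form a / (a + 2(b + c)).

    a = features present in both, b + c = features present in exactly one.
    Mismatches are weighted double, so the score is stricter than Jaccard.
    """
    a = len(x & y)
    mismatches = len(x ^ y)
    denom = a + 2 * mismatches
    return a / denom if denom else 0.0


def build_network(attacks, threshold):
    """Return an adjacency map {attack: {neighbour: similarity}}."""
    network = {name: {} for name in attacks}
    for u, v in combinations(attacks, 2):
        score = anderberg(attacks[u], attacks[v])
        if score >= threshold:  # keep only sufficiently similar pairs
            network[u][v] = score
            network[v][u] = score
    return network


def related(network, observed):
    """Neighbours of an observed attack, strongest relationship first."""
    return sorted(network[observed].items(), key=lambda kv: (-kv[1], kv[0]))


if __name__ == "__main__":
    net = build_network(ATTACKS, threshold=0.3)
    for name, score in related(net, "ssh_bruteforce"):
        print(f"ssh_bruteforce -> {name}: {score:.3f}")
```

Raising the threshold trades recall for precision: fewer edges mean fewer attacks flagged as related, but each flagged relationship rests on a closer feature match.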