Visualization of Misuse-Based Intrusion Detection: Application to Honeynet Data
Fecha de publicación
Springer Science + Business Media
Soft Computing Models in Industrial and Environmental Applications, 6th International Conference SOCO 2011 Advances in Intelligent and Soft Computing. Advances in Intelligent and Soft Computing. Volumen 87, pp. 561-570.
This study presents a novel soft computing system that provides network managers with a synthetic and intuitive representation of the situation of the monitored network, in order to reduce the widely known high false-positive rate associated to misuse-based Intrusion Detection Systems (IDSs). The proposed system is based on the use of different projection methods for the visual inspection of honeypot data, and may be seen as a complementary network security tool that sheds light on internal data structures through visual inspection. Furthermore, it is intended to understand the performance of Snort (a well-known misuse-based IDS) through the visualization of attack patterns. Empirical verification and comparison of the proposed projection methods are performed in a real domain where real-life data are defined and analyzed.
978-3-642-19643-0 (Print) / 978-3-642-19644-7 (Online)
1867-5662 (Print) / 1867-5670 (Online)
- BISITE. Congresos 
Files in this item