Compartir
Titel
Visualization of Misuse-Based Intrusion Detection: Application to Honeynet Data
Autor(es)
Schlagwort
Computer Science
Fecha de publicación
2011
Verlag
Springer Science + Business Media
Citación
Soft Computing Models in Industrial and Environmental Applications, 6th International Conference SOCO 2011 Advances in Intelligent and Soft Computing. Advances in Intelligent and Soft Computing. Volumen 87, pp. 561-570.
Resumen
This study presents a novel soft computing system that provides network managers with a synthetic and intuitive representation of the situation of the monitored network, in order to reduce the widely known high false-positive rate associated to misuse-based Intrusion Detection Systems (IDSs). The proposed system is based on the use of different projection methods for the visual inspection of honeypot data, and may be seen as a complementary network security tool that sheds light on internal data structures through visual inspection. Furthermore, it is intended to understand the performance of Snort (a well-known misuse-based IDS) through the visualization of attack patterns. Empirical verification and comparison of the proposed projection methods are performed in a real domain where real-life data are defined and analyzed.
URI
ISBN
978-3-642-19643-0 (Print) / 978-3-642-19644-7 (Online)
ISSN
1867-5662 (Print) / 1867-5670 (Online)
Aparece en las colecciones
- BISITE. Congresos [232]
Dateien zu dieser Ressource
Tamaño:
293.4Kb
Formato:
Adobe PDF