A system for cyber attack detection using contextual semantics

Ahmed AlEroud; George Karabatis

doi:10.1007/978-3-642-30867-3_39

A system for cyber attack detection using contextual semantics

Ahmed AlEroud, George Karabatis

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

12 Scopus citations

Abstract

In this paper, we present a layered cyber-attack detection system with semantics and context capabilities. The described approach has been implemented in a prototype system which uses semantic information about related attacks to infer all possible suspicious network activities from connections between hosts. The relevant attacks generated by semantic techniques are forwarded to context filters that use attack context profiles and host contexts to filter out irrelevant attacks. The prototype system is evaluated on the KDD 1999 intrusion detection dataset, where the experimental results have shown competitive precision and recall values of the system compared with previous approaches.

Original language	English (US)
Title of host publication	7th International Conference on Knowledge Management in Organizations
Subtitle of host publication	Service andCloud Computing
Publisher	Springer Verlag
Pages	431-442
Number of pages	12
ISBN (Print)	9783642308666
DOIs	https://doi.org/10.1007/978-3-642-30867-3_39
State	Published - 2013
Externally published	Yes
Event	7th International Conference on Knowledge Management in Organizations, KMO 2012 - Salamanca, Spain Duration: Jul 11 2012 → Jul 13 2012

Publication series

Name	Advances in Intelligent Systems and Computing
Volume	172 AISC
ISSN (Print)	2194-5357

Conference

Conference	7th International Conference on Knowledge Management in Organizations, KMO 2012
Country/Territory	Spain
City	Salamanca
Period	7/11/12 → 7/13/12

Keywords

Context
Context-aware Cyber Security
Semantic Networks

ASJC Scopus subject areas

Control and Systems Engineering
General Computer Science

Access to Document

10.1007/978-3-642-30867-3_39

Cite this

A system for cyber attack detection using contextual semantics. / AlEroud, Ahmed; Karabatis, George.
7th International Conference on Knowledge Management in Organizations: Service andCloud Computing. Springer Verlag, 2013. p. 431-442 (Advances in Intelligent Systems and Computing; Vol. 172 AISC).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

AlEroud, A & Karabatis, G 2013, A system for cyber attack detection using contextual semantics. in 7th International Conference on Knowledge Management in Organizations: Service andCloud Computing. Advances in Intelligent Systems and Computing, vol. 172 AISC, Springer Verlag, pp. 431-442, 7th International Conference on Knowledge Management in Organizations, KMO 2012, Salamanca, Spain, 7/11/12. https://doi.org/10.1007/978-3-642-30867-3_39

@inproceedings{72ba93c95db343ef8dab6a4d9c7cc762,

title = "A system for cyber attack detection using contextual semantics",

abstract = "In this paper, we present a layered cyber-attack detection system with semantics and context capabilities. The described approach has been implemented in a prototype system which uses semantic information about related attacks to infer all possible suspicious network activities from connections between hosts. The relevant attacks generated by semantic techniques are forwarded to context filters that use attack context profiles and host contexts to filter out irrelevant attacks. The prototype system is evaluated on the KDD 1999 intrusion detection dataset, where the experimental results have shown competitive precision and recall values of the system compared with previous approaches.",

keywords = "Context, Context-aware Cyber Security, Semantic Networks",

author = "Ahmed AlEroud and George Karabatis",

year = "2013",

doi = "10.1007/978-3-642-30867-3_39",

language = "English (US)",

isbn = "9783642308666",

series = "Advances in Intelligent Systems and Computing",

publisher = "Springer Verlag",

pages = "431--442",

booktitle = "7th International Conference on Knowledge Management in Organizations",

note = "7th International Conference on Knowledge Management in Organizations, KMO 2012 ; Conference date: 11-07-2012 Through 13-07-2012",

}

TY - GEN

T1 - A system for cyber attack detection using contextual semantics

AU - AlEroud, Ahmed

AU - Karabatis, George

PY - 2013

Y1 - 2013

N2 - In this paper, we present a layered cyber-attack detection system with semantics and context capabilities. The described approach has been implemented in a prototype system which uses semantic information about related attacks to infer all possible suspicious network activities from connections between hosts. The relevant attacks generated by semantic techniques are forwarded to context filters that use attack context profiles and host contexts to filter out irrelevant attacks. The prototype system is evaluated on the KDD 1999 intrusion detection dataset, where the experimental results have shown competitive precision and recall values of the system compared with previous approaches.

AB - In this paper, we present a layered cyber-attack detection system with semantics and context capabilities. The described approach has been implemented in a prototype system which uses semantic information about related attacks to infer all possible suspicious network activities from connections between hosts. The relevant attacks generated by semantic techniques are forwarded to context filters that use attack context profiles and host contexts to filter out irrelevant attacks. The prototype system is evaluated on the KDD 1999 intrusion detection dataset, where the experimental results have shown competitive precision and recall values of the system compared with previous approaches.

KW - Context

KW - Context-aware Cyber Security

KW - Semantic Networks

UR - http://www.scopus.com/inward/record.url?scp=84866547240&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84866547240&partnerID=8YFLogxK

U2 - 10.1007/978-3-642-30867-3_39

DO - 10.1007/978-3-642-30867-3_39

M3 - Conference contribution

AN - SCOPUS:84866547240

SN - 9783642308666

T3 - Advances in Intelligent Systems and Computing

SP - 431

EP - 442

BT - 7th International Conference on Knowledge Management in Organizations

PB - Springer Verlag

T2 - 7th International Conference on Knowledge Management in Organizations, KMO 2012

Y2 - 11 July 2012 through 13 July 2012

ER -

A system for cyber attack detection using contextual semantics

Abstract

Publication series

Conference

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this