A system for cyber attack detection using contextual semantics

Ahmed AlEroud, George Karabatis

Research output: Chapter in Book/Report/Conference proceedingConference contribution

9 Scopus citations

Abstract

In this paper, we present a layered cyber-attack detection system with semantics and context capabilities. The described approach has been implemented in a prototype system which uses semantic information about related attacks to infer all possible suspicious network activities from connections between hosts. The relevant attacks generated by semantic techniques are forwarded to context filters that use attack context profiles and host contexts to filter out irrelevant attacks. The prototype system is evaluated on the KDD 1999 intrusion detection dataset, where the experimental results have shown competitive precision and recall values of the system compared with previous approaches.

Original languageEnglish (US)
Title of host publication7th International Conference on Knowledge Management in Organizations
Subtitle of host publicationService andCloud Computing
PublisherSpringer Verlag
Pages431-442
Number of pages12
ISBN (Print)9783642308666
DOIs
StatePublished - 2013
Externally publishedYes
Event7th International Conference on Knowledge Management in Organizations, KMO 2012 - Salamanca, Spain
Duration: Jul 11 2012Jul 13 2012

Publication series

NameAdvances in Intelligent Systems and Computing
Volume172 AISC
ISSN (Print)2194-5357

Conference

Conference7th International Conference on Knowledge Management in Organizations, KMO 2012
CountrySpain
CitySalamanca
Period7/11/127/13/12

Keywords

  • Context
  • Context-aware Cyber Security
  • Semantic Networks

ASJC Scopus subject areas

  • Control and Systems Engineering
  • Computer Science(all)

Fingerprint Dive into the research topics of 'A system for cyber attack detection using contextual semantics'. Together they form a unique fingerprint.

Cite this