ISM-AC: an immune security model based on alert correlation and software-defined networking

Melo Roberto Vasconcelos; de Macedo Douglas D. J.; Kreutz DiegoDe Benedictis AlessandraFiorenza Mauricio Martinuzzi

首页> 外文期刊>International Journal of Information Security >ISM-AC: an immune security model based on alert correlation and software-defined networking

【24h】

ISM-AC: an immune security model based on alert correlation and software-defined networking

机译：ISM-AC: an immune security model based on alert correlation and software-defined networking

获取原文

获取原文并翻译 | 示例

获取外文期刊封面封底 >>

开具论文收录证明 >>

文献代查 >>

页面导航

摘要
著录项
相关主题

摘要

Anomaly-based detection techniques have a high number of false positives, which degrades the detection performance. To address this issue, we propose a distributed intrusion detection system, named ISM-AC, based on anomaly detection using artificial immune system and attack graph correlation. To analyze network traffic, we use negative selection, clonal selection, and immune network algorithms to implement an agent-based detection system. ISM-AC leverages the programmability of software-defined networking to reduce the false positive rate. Our findings show that ISM-AC achieves better detection performance for denial of service, user to root, remote to local, and probe attack classes. Alert correlation plays a key role in this achievement.

著录项

来源
《International Journal of Information Security》 |2022年第2期|191-205|共15页
作者
Melo Roberto Vasconcelos; de Macedo Douglas D. J.; Kreutz DiegoDe Benedictis AlessandraFiorenza Mauricio Martinuzzi;
展开▼
作者单位

Fed Univ Sergipe UFS;

Fed Univ Santa Catarina UFSC;

Fed Univ Pampa UNIPAMPAUniv Naples Federico II;

展开▼
收录信息
原文格式 PDF
正文语种英语
中图分类 TP393.08;
关键词
Network security; Correlation; Intrusion detection; Anomaly; Artificial immune systems; INTRUSION DETECTION; DEFENSE-MECHANISMS; MANAGEMENT; IDS; SDN;

ISM-AC: an immune security model based on alert correlation and software-defined networking

摘要

著录项

相关主题

期刊订阅