Adding contextual information to Intrusion Detection Systems using Fuzzy Cognitive Maps

2016 IEEE International Multi-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support (CogSIMA) Pub Date : 2016-03-21 DOI:10.1109/COGSIMA.2016.7497807

Francisco J. Aparicio-Navarro, K. Kyriakopoulos, D. Parish, J. Chambers

{"title":"Adding contextual information to Intrusion Detection Systems using Fuzzy Cognitive Maps","authors":"Francisco J. Aparicio-Navarro, K. Kyriakopoulos, D. Parish, J. Chambers","doi":"10.1109/COGSIMA.2016.7497807","DOIUrl":null,"url":null,"abstract":"In the last few years there has been considerable increase in the efficiency of Intrusion Detection Systems (IDSs). However, networks are still the victim of attacks. As the complexity of these attacks keeps increasing, new and more robust detection mechanisms need to be developed. The next generation of IDSs should be designed incorporating reasoning engines supported by contextual information about the network, cognitive information from the network users and situational awareness to improve their detection results. In this paper, we propose the use of a Fuzzy Cognitive Map (FCM) in conjunction with an IDS to incorporate contextual information into the detection process. We have evaluated the use of FCMs to adjust the Basic Probability Assignment (BPA) values defined prior to the data fusion process, which is crucial for the IDS that we have developed. The results that we present verify that FCMs can improve the efficiency of our IDS by reducing the number of false alarms, while not affecting the number of correct detections.","PeriodicalId":194697,"journal":{"name":"2016 IEEE International Multi-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support (CogSIMA)","volume":"7 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-03-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"7","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2016 IEEE International Multi-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support (CogSIMA)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/COGSIMA.2016.7497807","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 7

Abstract

In the last few years there has been considerable increase in the efficiency of Intrusion Detection Systems (IDSs). However, networks are still the victim of attacks. As the complexity of these attacks keeps increasing, new and more robust detection mechanisms need to be developed. The next generation of IDSs should be designed incorporating reasoning engines supported by contextual information about the network, cognitive information from the network users and situational awareness to improve their detection results. In this paper, we propose the use of a Fuzzy Cognitive Map (FCM) in conjunction with an IDS to incorporate contextual information into the detection process. We have evaluated the use of FCMs to adjust the Basic Probability Assignment (BPA) values defined prior to the data fusion process, which is crucial for the IDS that we have developed. The results that we present verify that FCMs can improve the efficiency of our IDS by reducing the number of false alarms, while not affecting the number of correct detections.

查看原文本刊更多论文

基于模糊认知地图的入侵检测系统中添加上下文信息

在过去几年中，入侵检测系统(ids)的效率有了相当大的提高。然而，网络仍然是攻击的受害者。随着这些攻击的复杂性不断增加，需要开发新的、更健壮的检测机制。下一代入侵防御系统的设计应结合由网络上下文信息、网络用户认知信息和态势感知支持的推理引擎，以改善其检测结果。在本文中，我们建议将模糊认知图(FCM)与IDS结合使用，以将上下文信息纳入检测过程。我们已经评估了fcm的使用，以调整数据融合过程之前定义的基本概率分配(BPA)值，这对我们开发的IDS至关重要。我们提出的结果验证了fcm可以通过减少假警报的数量来提高IDS的效率，同时不影响正确检测的数量。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2016 IEEE International Multi-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support (CogSIMA)

自引率

0.00%

发文量