Login New user?  
01-Applied Mathematics & Information Sciences
An International Journal
               
  AMIS Home
  Aim and Scope
  For Reviewers
  For Authors
  Editorial Board
  Publication Ethics
  Author Self-Archiving
  Processing Charges
  Special Issues
  Submit an Article
  Content
  Forthcoming Papers
  Subscription

Content
 

Volumes > Volume 11 > No. 2
 
   

A Fusion Framework of IDS Alerts and Darknet Traffic for Effective Incident Monitoring and Response
PP: 417-422
doi:10.18576/amis/110209
Author(s)
Sang-Soo Choi, Seok-Hun Kim, Hark-Soo Park,
Abstract
Most organizations deploy and operate intrusion detection systems (IDSs) in order to cope with cyber attacks. However, in many cases, it is very difficult to not only analyze IDS alerts in real-time, but also identify real cyber attacks with a high detection accuracy because IDSs record the tremendous amount of alerts and most of them are false positives. Many approaches have been proposed to solve this issue, but there is a limitation in that they have focused on dealing with only IDS alerts. Therefore, in this paper, we propose a fusion framework of IDS alerts and darknet traffic, which is aiming at improving the effectiveness of the incident monitoring and response process. The experimental results show that the proposed framework could detect real cyber attacks that were not detected by IDSs and to identify more dangerous IDS alerts related to real cyber attacks.

  Home   About us   News   Journals   Conferences Contact us Copyright naturalspublishing.com. All Rights Reserved