Enhancing Intelligent Alarm Reduction for Distributed Intrusion Detection Systems via Edge Computing

Weizhi Meng, Yu Wang, Wenjuan Li, Zhe Liu, Jin Li, Christian W. Probst

Research output: Chapter in Book/Report/Conference proceeding; Article in proceedings; Research; peer-review

Abstract

Constructing an intelligent alarm filter is a promising solution to help reduce false alarms for an intrusion detection system (IDS), in which an appropriate algorithm can be selected in an adaptive way. Taking advantage of cloud computing, the process of algorithm selection can be offloaded to the cloud, but this may cause communication delay and an additional burden on the cloud side. This issue may become worse when it comes to distributed intrusion detection systems (DIDSs), i.e., some IoT applications might require very short response times and most of the end nodes in IoT are energy-constrained things. In this paper, with the advent of edge computing, we propose a framework for improving intelligent false alarm reduction for DIDSs based on edge computing devices (i.e., the data can be processed at the edge for shorter response time and could be more energy efficient). The evaluation shows that the proposed framework can help reduce the workload for the central server and shorten the delay as compared to similar studies.
Original language: English
Title of host publication: Information Security and Privacy
Volume: 10946
Publisher: Springer
Publication date: 2018
Pages: 759-767
ISBN (Print): 9783319936376
DOIs: https://doi.org/10.1007/978-3-319-93638-3_44
Publication status: Published - 2018
Event: 23rd Australasian Conference on Information Security and Privacy - University of Wollongong, Wollongong, Australia
Duration: 11 Jul 2018 – 13 Jul 2018

Conference

Conference: 23rd Australasian Conference on Information Security and Privacy
Location: University of Wollongong
Country: Australia
City: Wollongong
Period: 11/07/2018 – 13/07/2018
Series: Lecture Notes in Computer Science
Volume: 10946
ISSN: 0302-9743

Keywords

  • Intrusion detection
  • Intelligent false alarm filtration
  • Edge computing
  • Distributed environment
  • Cloud computing

Cite this

Meng, W., Wang, Y., Li, W., Liu, Z., Li, J., & Probst, C. W. (2018). Enhancing Intelligent Alarm Reduction for Distributed Intrusion Detection Systems via Edge Computing. In Information Security and Privacy (Vol. 10946, pp. 759-767). Springer. Lecture Notes in Computer Science, Vol. 10946. https://doi.org/10.1007/978-3-319-93638-3_44