Abstract
To construct an intelligent alarm filter is a promising solution to help reduce false alarms for an intrusion detection system (IDS), in which an appropriate algorithm can be selected in an adaptive way. Taking the advantage of cloud computing, the process of algorithm selection can be offloaded to the cloud, but it may cause communication delay and additional burden on the cloud side. This issue may become worse when it comes to distributed intrusion detection systems (DIDSs), i.e., some IoT applications might require very short response time and most of the end nodes in IoT are energy constrained things. In this paper, with the advent of edge computing, we propose a framework for improving the intelligent false alarm reduction for DIDSs based on edge computing devices (i.e., the data can be processed at the edge for shorter response time and could be more energy efficient). The evaluation shows that the proposed framework can help reduce the workload for the central server and shorten the delay as compared to the similar studies.
| Original language | English |
|---|---|
| Title of host publication | Information Security and Privacy |
| Volume | 10946 |
| Publisher | Springer |
| Publication date | 2018 |
| Pages | 759-767 |
| ISBN (Print) | 9783319936376 |
| DOIs | |
| Publication status | Published - 2018 |
| Event | 23rd Australasian Conference on Information Security and Privacy - University of Wollongong, Wollongong, Australia Duration: 11 Jul 2018 → 13 Jul 2018 Conference number: 23 |
Conference
| Conference | 23rd Australasian Conference on Information Security and Privacy |
|---|---|
| Number | 23 |
| Location | University of Wollongong |
| Country/Territory | Australia |
| City | Wollongong |
| Period | 11/07/2018 → 13/07/2018 |
| Series | Lecture Notes in Computer Science |
|---|---|
| Volume | 10946 |
| ISSN | 0302-9743 |
Keywords
- Intrusion detection
- Intelligent false alarm filtration
- Edge computing
- Distributed environment
- Cloud computing