Enhancing Intelligent Alarm Reduction for Distributed Intrusion Detection Systems via Edge Computing

Weizhi Meng; Yu Wang; Wenjuan Li; Zhe Liu; Jin Li; Christian W. Probst

doi:10.1007/978-3-319-93638-3_44

Enhancing Intelligent Alarm Reduction for Distributed Intrusion Detection Systems via Edge Computing

Weizhi Meng, Yu Wang, Wenjuan Li, Zhe Liu, Jin Li, Christian W. Probst

Research output: Chapter in Book/Report/Conference proceeding › Article in proceedings › Research › peer-review

Abstract

To construct an intelligent alarm filter is a promising solution to help reduce false alarms for an intrusion detection system (IDS), in which an appropriate algorithm can be selected in an adaptive way. Taking the advantage of cloud computing, the process of algorithm selection can be offloaded to the cloud, but it may cause communication delay and additional burden on the cloud side. This issue may become worse when it comes to distributed intrusion detection systems (DIDSs), i.e., some IoT applications might require very short response time and most of the end nodes in IoT are energy constrained things. In this paper, with the advent of edge computing, we propose a framework for improving the intelligent false alarm reduction for DIDSs based on edge computing devices (i.e., the data can be processed at the edge for shorter response time and could be more energy efficient). The evaluation shows that the proposed framework can help reduce the workload for the central server and shorten the delay as compared to the similar studies.

Original language	English
Title of host publication	Information Security and Privacy
Volume	10946
Publisher	Springer
Publication date	2018
Pages	759-767
ISBN (Print)	9783319936376
DOIs	https://doi.org/10.1007/978-3-319-93638-3_44
Publication status	Published - 2018
Event	23rd Australasian Conference on Information Security and Privacy - University of Wollongong, Wollongong, Australia Duration: 11 Jul 2018 → 13 Jul 2018

Conference

Conference	23rd Australasian Conference on Information Security and Privacy
Location	University of Wollongong
Country	Australia
City	Wollongong
Period	11/07/2018 → 13/07/2018

Series	Lecture Notes in Computer Science
Volume	10946
ISSN	0302-9743

Keywords

Intrusion detection
Intelligent false alarm filtration
Edge computing
Distributed environment
Cloud computing

Access to Document

10.1007/978-3-319-93638-3_44

Fingerprint Dive into the research topics of 'Enhancing Intelligent Alarm Reduction for Distributed Intrusion Detection Systems via Edge Computing'. Together they form a unique fingerprint.

Cite this

@inproceedings{73cae096a56c43db83be2e0f6062a6b9,

title = "Enhancing Intelligent Alarm Reduction for Distributed Intrusion Detection Systems via Edge Computing",

abstract = "To construct an intelligent alarm filter is a promising solution to help reduce false alarms for an intrusion detection system (IDS), in which an appropriate algorithm can be selected in an adaptive way. Taking the advantage of cloud computing, the process of algorithm selection can be offloaded to the cloud, but it may cause communication delay and additional burden on the cloud side. This issue may become worse when it comes to distributed intrusion detection systems (DIDSs), i.e., some IoT applications might require very short response time and most of the end nodes in IoT are energy constrained things. In this paper, with the advent of edge computing, we propose a framework for improving the intelligent false alarm reduction for DIDSs based on edge computing devices (i.e., the data can be processed at the edge for shorter response time and could be more energy efficient). The evaluation shows that the proposed framework can help reduce the workload for the central server and shorten the delay as compared to the similar studies.",

keywords = "Intrusion detection, Intelligent false alarm filtration, Edge computing, Distributed environment, Cloud computing",

author = "Weizhi Meng and Yu Wang and Wenjuan Li and Zhe Liu and Jin Li and Probst, {Christian W.}",

year = "2018",

doi = "10.1007/978-3-319-93638-3_44",

language = "English",

isbn = "9783319936376 ",

volume = "10946",

series = "Lecture Notes in Computer Science",

publisher = "Springer",

pages = "759--767",

booktitle = "Information Security and Privacy",

note = "23rd Australasian Conference on Information Security and Privacy , ACISP 2018 ; Conference date: 11-07-2018 Through 13-07-2018",

}

Meng, W, Wang, Y, Li, W, Liu, Z, Li, J & Probst, CW 2018, Enhancing Intelligent Alarm Reduction for Distributed Intrusion Detection Systems via Edge Computing. in Information Security and Privacy. vol. 10946, Springer, Lecture Notes in Computer Science, vol. 10946, pp. 759-767, 23rd Australasian Conference on Information Security and Privacy , Wollongong, Australia, 11/07/2018. https://doi.org/10.1007/978-3-319-93638-3_44

Enhancing Intelligent Alarm Reduction for Distributed Intrusion Detection Systems via Edge Computing. / Meng, Weizhi; Wang, Yu; Li, Wenjuan; Liu, Zhe; Li, Jin; Probst, Christian W.

Information Security and Privacy. Vol. 10946 Springer, 2018. p. 759-767 (Lecture Notes in Computer Science, Vol. 10946).

Research output: Chapter in Book/Report/Conference proceeding › Article in proceedings › Research › peer-review

TY - GEN

T1 - Enhancing Intelligent Alarm Reduction for Distributed Intrusion Detection Systems via Edge Computing

AU - Meng, Weizhi

AU - Wang, Yu

AU - Li, Wenjuan

AU - Liu, Zhe

AU - Li, Jin

AU - Probst, Christian W.

PY - 2018

Y1 - 2018

N2 - To construct an intelligent alarm filter is a promising solution to help reduce false alarms for an intrusion detection system (IDS), in which an appropriate algorithm can be selected in an adaptive way. Taking the advantage of cloud computing, the process of algorithm selection can be offloaded to the cloud, but it may cause communication delay and additional burden on the cloud side. This issue may become worse when it comes to distributed intrusion detection systems (DIDSs), i.e., some IoT applications might require very short response time and most of the end nodes in IoT are energy constrained things. In this paper, with the advent of edge computing, we propose a framework for improving the intelligent false alarm reduction for DIDSs based on edge computing devices (i.e., the data can be processed at the edge for shorter response time and could be more energy efficient). The evaluation shows that the proposed framework can help reduce the workload for the central server and shorten the delay as compared to the similar studies.

AB - To construct an intelligent alarm filter is a promising solution to help reduce false alarms for an intrusion detection system (IDS), in which an appropriate algorithm can be selected in an adaptive way. Taking the advantage of cloud computing, the process of algorithm selection can be offloaded to the cloud, but it may cause communication delay and additional burden on the cloud side. This issue may become worse when it comes to distributed intrusion detection systems (DIDSs), i.e., some IoT applications might require very short response time and most of the end nodes in IoT are energy constrained things. In this paper, with the advent of edge computing, we propose a framework for improving the intelligent false alarm reduction for DIDSs based on edge computing devices (i.e., the data can be processed at the edge for shorter response time and could be more energy efficient). The evaluation shows that the proposed framework can help reduce the workload for the central server and shorten the delay as compared to the similar studies.

KW - Intrusion detection

KW - Intelligent false alarm filtration

KW - Edge computing

KW - Distributed environment

KW - Cloud computing

U2 - 10.1007/978-3-319-93638-3_44

DO - 10.1007/978-3-319-93638-3_44

M3 - Article in proceedings

SN - 9783319936376

VL - 10946

T3 - Lecture Notes in Computer Science

SP - 759

EP - 767

BT - Information Security and Privacy

PB - Springer

T2 - 23rd Australasian Conference on Information Security and Privacy

Y2 - 11 July 2018 through 13 July 2018

ER -