Enhancing Intelligent Alarm Reduction for Distributed Intrusion Detection Systems via Edge Computing

Weizhi Meng, Yu Wang, Wenjuan Li, Zhe Liu, Jin Li, Christian W. Probst

Research output: Chapter in Book/Report/Conference proceeding › Article in proceedings › Research › peer-review

Abstract

Constructing an intelligent alarm filter is a promising solution to help reduce false alarms for an intrusion detection system (IDS), in which an appropriate algorithm can be selected in an adaptive way. Taking advantage of cloud computing, the process of algorithm selection can be offloaded to the cloud, but it may cause communication delay and additional burden on the cloud side. This issue may become worse when it comes to distributed intrusion detection systems (DIDSs), i.e., some IoT applications might require very short response time and most of the end nodes in IoT are energy-constrained things. In this paper, with the advent of edge computing, we propose a framework for improving the intelligent false alarm reduction for DIDSs based on edge computing devices (i.e., the data can be processed at the edge for shorter response time and could be more energy efficient). The evaluation shows that the proposed framework can help reduce the workload for the central server and shorten the delay as compared to similar studies.

Original language: English
Title of host publication: Information Security and Privacy
Volume: 10946
Publisher: Springer
Publication date: 2018
Pages: 759-767
ISBN (Print): 9783319936376
Publication status: Published - 2018
Event: 23rd Australasian Conference on Information Security and Privacy - University of Wollongong, Wollongong, Australia
Duration: 11 Jul 2018 to 13 Jul 2018
Conference number: 23

Conference

Conference: 23rd Australasian Conference on Information Security and Privacy
Number: 23
Location: University of Wollongong
Country/Territory: Australia
City: Wollongong
Period: 11/07/2018 to 13/07/2018
Series: Lecture Notes in Computer Science
Volume: 10946
ISSN: 0302-9743

Keywords

  • Intrusion detection
  • Intelligent false alarm filtration
  • Edge computing
  • Distributed environment
  • Cloud computing
