TY - GEN
T1 - Enhancing Intelligent Alarm Reduction for Distributed Intrusion Detection Systems via Edge Computing
AU - Meng, Weizhi
AU - Wang, Yu
AU - Li, Wenjuan
AU - Liu, Zhe
AU - Li, Jin
AU - Probst, Christian W.
PY - 2018
Y1 - 2018
N2 - To construct an intelligent alarm filter is a promising solution to help reduce false alarms for an intrusion detection system (IDS), in which an appropriate algorithm can be selected in an adaptive way. Taking the advantage of cloud computing, the process of algorithm selection can be offloaded to the cloud, but it may cause communication delay and additional burden on the cloud side. This issue may become worse when it comes to distributed intrusion detection systems (DIDSs), i.e., some IoT applications might require very short response time and most of the end nodes in IoT are energy constrained things. In this paper, with the advent of edge computing, we propose a framework for improving the intelligent false alarm reduction for DIDSs based on edge computing devices (i.e., the data can be processed at the edge for shorter response time and could be more energy efficient). The evaluation shows that the proposed framework can help reduce the workload for the central server and shorten the delay as compared to the similar studies.
AB - To construct an intelligent alarm filter is a promising solution to help reduce false alarms for an intrusion detection system (IDS), in which an appropriate algorithm can be selected in an adaptive way. Taking the advantage of cloud computing, the process of algorithm selection can be offloaded to the cloud, but it may cause communication delay and additional burden on the cloud side. This issue may become worse when it comes to distributed intrusion detection systems (DIDSs), i.e., some IoT applications might require very short response time and most of the end nodes in IoT are energy constrained things. In this paper, with the advent of edge computing, we propose a framework for improving the intelligent false alarm reduction for DIDSs based on edge computing devices (i.e., the data can be processed at the edge for shorter response time and could be more energy efficient). The evaluation shows that the proposed framework can help reduce the workload for the central server and shorten the delay as compared to the similar studies.
KW - Intrusion detection
KW - Intelligent false alarm filtration
KW - Edge computing
KW - Distributed environment
KW - Cloud computing
U2 - 10.1007/978-3-319-93638-3_44
DO - 10.1007/978-3-319-93638-3_44
M3 - Article in proceedings
SN - 9783319936376
VL - 10946
T3 - Lecture Notes in Computer Science
SP - 759
EP - 767
BT - Information Security and Privacy
PB - Springer
T2 - 23rd Australasian Conference on Information Security and Privacy
Y2 - 11 July 2018 through 13 July 2018
ER -