Enhancing intelligent alarm reduction for distributed intrusion detection systems via edge computing

Weizhi Meng, Yu Wang, Wenjuan Li, Zhe Liu, Jin Li, Christian W. Probst

Research output: Chapter in book / Conference proceedingConference article published in proceeding or bookAcademic researchpeer-review

12 Citations (Scopus)

Abstract

To construct an intelligent alarm filter is a promising solution to help reduce false alarms for an intrusion detection system (IDS), in which an appropriate algorithm can be selected in an adaptive way. Taking the advantage of cloud computing, the process of algorithm selection can be offloaded to the cloud, but it may cause communication delay and additional burden on the cloud side. This issue may become worse when it comes to distributed intrusion detection systems (DIDSs), i.e., some IoT applications might require very short response time and most of the end nodes in IoT are energy constrained things. In this paper, with the advent of edge computing, we propose a framework for improving the intelligent false alarm reduction for DIDSs based on edge computing devices (i.e., the data can be processed at the edge for shorter response time and could be more energy efficient). The evaluation shows that the proposed framework can help reduce the workload for the central server and shorten the delay as compared to the similar studies.

Original languageEnglish
Title of host publicationInformation Security and Privacy - 23rd Australasian Conference, ACISP 2018, Proceedings
EditorsWilly Susilo, Guomin Yang
PublisherSpringer Verlag
Pages759-767
Number of pages9
ISBN (Print)9783319936376
DOIs
Publication statusPublished - 2018
Externally publishedYes
Event23rd Australasian Conference on Information Security and Privacy, ACISP 2018 - Wollongong, Australia
Duration: 11 Jul 201813 Jul 2018

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume10946 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference23rd Australasian Conference on Information Security and Privacy, ACISP 2018
Country/TerritoryAustralia
CityWollongong
Period11/07/1813/07/18

Keywords

  • Cloud computing
  • Distributed environment
  • Edge computing
  • Intelligent false alarm filtration
  • Intrusion detection

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science(all)

Cite this