TY - GEN
T1 - Enhancing intelligent alarm reduction for distributed intrusion detection systems via edge computing
AU - Meng, Weizhi
AU - Wang, Yu
AU - Li, Wenjuan
AU - Liu, Zhe
AU - Li, Jin
AU - Probst, Christian W.
N1 - Publisher Copyright:
© Springer International Publishing AG, part of Springer Nature 2018.
PY - 2018
Y1 - 2018
AB - Constructing an intelligent alarm filter is a promising solution to help reduce false alarms for an intrusion detection system (IDS), in which an appropriate algorithm can be selected in an adaptive way. Taking advantage of cloud computing, the process of algorithm selection can be offloaded to the cloud, but it may cause communication delay and additional burden on the cloud side. This issue may become worse when it comes to distributed intrusion detection systems (DIDSs), i.e., some IoT applications might require very short response time and most of the end nodes in IoT are energy-constrained things. In this paper, with the advent of edge computing, we propose a framework for improving the intelligent false alarm reduction for DIDSs based on edge computing devices (i.e., the data can be processed at the edge for shorter response time and could be more energy efficient). The evaluation shows that the proposed framework can help reduce the workload for the central server and shorten the delay as compared to similar studies.
KW - Cloud computing
KW - Distributed environment
KW - Edge computing
KW - Intelligent false alarm filtration
KW - Intrusion detection
UR - http://www.scopus.com/inward/record.url?scp=85049782046&partnerID=8YFLogxK
U2 - 10.1007/978-3-319-93638-3_44
DO - 10.1007/978-3-319-93638-3_44
M3 - Conference article published in proceeding or book
AN - SCOPUS:85049782046
SN - 9783319936376
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 759
EP - 767
BT - Information Security and Privacy - 23rd Australasian Conference, ACISP 2018, Proceedings
A2 - Susilo, Willy
A2 - Yang, Guomin
PB - Springer Verlag
T2 - 23rd Australasian Conference on Information Security and Privacy, ACISP 2018
Y2 - 11 July 2018 through 13 July 2018
ER -