Skip to main content

A CBR Engine Adapting to IDS

  • Conference paper
Computational Intelligence and Security (CIS 2005)

Part of the book series: Lecture Notes in Computer Science ((LNAI,volume 3802))

Included in the following conference series:

Abstract

CBR is one of the most important artificial intelligence methods. In this paper, it is introduced to detect the variation of known attacks and to reduce the false negative rate in rule based IDS. After briefly describes the basic process of CBR and the methods of describing case and constructing case base by rules of IDS, this paper focuses on the CBR engine. A new CBR engine adapting to IDS is designed because the common CBR engines cannot deal with the specialties of intrusion cases in IDS. The structure of the new engine is described by class graph, and the core class as well as the similarity algorithm adopted by it is analyzed. At last, the results of testing the new engine on Snort are shown, and the validity of the engine is substantiated.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Kolodner, J.: Case-based Reasoning. Morgan Kaufmann Publishers Inc., San Francisco (1993)

    Google Scholar 

  2. Wetzel, B.: Implementing A Search Engine With Case Based Reasoning (9/7/2002), http://ihatebaylor.com/technical/computer/ai/selection_engine/CBR

  3. Caswell, B., Beale, J., Foster, J.C., Posluns, J.: Snort 2.0 Intrusion Detection. National Defence Industry Press, Beijing (2004)

    Google Scholar 

Download references

Author information

Authors and Affiliations

Authors

Editor information

Editors and Affiliations

Rights and permissions

Reprints and permissions

Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Li, L., Tang, W., Wang, R. (2005). A CBR Engine Adapting to IDS. In: Hao, Y., et al. Computational Intelligence and Security. CIS 2005. Lecture Notes in Computer Science(), vol 3802. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11596981_50

Download citation

  • DOI: https://doi.org/10.1007/11596981_50

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-30819-5

  • Online ISBN: 978-3-540-31598-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics