
An Hybrid Architecture to Enhance Attacks Detection on IT infrastructure

  • Conference paper
Intelligent Distributed Computing VIII

Part of the book series: Studies in Computational Intelligence ((SCI,volume 570))


Abstract

Nowadays, IT systems are widely used to support the services offered by any infrastructure. This improves business processes, but on the other hand it exposes the infrastructure to cyber-attacks. Misuse detection and anomaly detection are two widely adopted approaches to discovering known and unknown cyber-attacks, respectively. In this paper we provide an overview of the techniques currently adopted for misuse and anomaly detection, and we discuss a conceptual architecture that exploits the advantages of both to improve cyber-security. We also provide a conceptual description of an expert system that resolves the conflicts that arise when misuse and anomaly detection techniques disagree about an event.
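The abstract only sketches the idea of running a misuse detector and an anomaly detector side by side and letting a rule-based component arbitrate when they disagree. The following Python sketch is an added illustration of that pattern; it is not code from the paper or its authors. The signature rules, the z-score baseline, the `KNOWN_NOISY_HOSTS` list, the arbitration rules and all sample events are constructed assumptions chosen to exercise every branch of the arbiter, not a description of the expert system the paper proposes.

```python
import re
import statistics
from dataclasses import dataclass


@dataclass
class Event:
    """One access-log record (fields chosen for this example)."""
    src: str          # client address
    path: str         # requested URL path and query string
    req_per_min: int  # request rate observed from src over the last minute


# --- Misuse side: signature rules (hypothetical, constructed for this example) ---
SIGNATURES = {
    "path_traversal": re.compile(r"\.\./"),
    "sql_union": re.compile(r"union\s+select", re.IGNORECASE),
}


def misuse_detect(event: Event) -> list[str]:
    """Return the names of all signatures that match the request path."""
    return [name for name, rx in SIGNATURES.items() if rx.search(event.path)]


# --- Anomaly side: statistical baseline on request rate ---
class AnomalyDetector:
    """Flags events whose request rate deviates from a learned baseline."""

    def __init__(self, baseline_rates: list[int], threshold: float = 3.0):
        self.mean = statistics.fmean(baseline_rates)
        # A zero-variance baseline would divide by zero; fall back to 1.0.
        self.stdev = statistics.pstdev(baseline_rates) or 1.0
        self.threshold = threshold

    def zscore(self, event: Event) -> float:
        return (event.req_per_min - self.mean) / self.stdev

    def is_anomalous(self, event: Event) -> bool:
        return self.zscore(event) > self.threshold


# Hosts whose bursts are expected (e.g. a monitoring probe); constructed list.
KNOWN_NOISY_HOSTS = {"10.0.0.250"}


def arbitrate(event: Event, signatures: list[str], anomalous: bool) -> tuple[str, str]:
    """Rule-based stand-in for the expert system described in the abstract.

    Returns (verdict, confidence). These rules are hypothetical; they only
    show how a disagreement between the two detectors can be resolved.
    """
    if signatures and anomalous:
        return "confirmed_attack", "high"            # both detectors agree
    if signatures:
        return "known_attack", "medium"              # quiet attack the baseline missed
    if anomalous and event.src in KNOWN_NOISY_HOSTS:
        return "benign_anomaly", "low"               # context explains the deviation
    if anomalous:
        return "unknown_attack_suspected", "medium"  # no signature: novel behaviour
    return "normal", "high"


def classify(event: Event, detector: AnomalyDetector) -> dict:
    """Run both detectors on one event and arbitrate the outcome."""
    sigs = misuse_detect(event)
    z = detector.zscore(event)
    verdict, confidence = arbitrate(event, sigs, z > detector.threshold)
    return {"src": event.src, "verdict": verdict, "confidence": confidence,
            "signatures": sigs, "zscore": round(z, 2)}


# Constructed baseline of per-source request rates from a quiet training window.
BASELINE_RATES = [10, 12, 11, 9, 10, 13, 11, 10, 12, 10]

# Constructed sample events, one per arbitration branch.
SAMPLE_EVENTS = [
    Event("10.0.0.5", "/index.html", 11),
    Event("10.0.0.7", "/static/../../private.txt", 11),
    Event("10.0.0.9", "/search?q=1 UNION SELECT x", 60),
    Event("10.0.0.250", "/health", 60),
    Event("10.0.0.99", "/login", 60),
]


def run_demo() -> list[str]:
    """Classify the sample events and return the verdicts in order."""
    detector = AnomalyDetector(BASELINE_RATES)
    return [classify(e, detector)["verdict"] for e in SAMPLE_EVENTS]


if __name__ == "__main__":
    detector = AnomalyDetector(BASELINE_RATES)
    for e in SAMPLE_EVENTS:
        print(classify(e, detector))
```

The point of the arbiter is that neither detector is trusted unconditionally: a signature hit stands even when the rate looks normal (low-and-slow attacks rarely move a statistical baseline), while a bare anomaly is downgraded when the source is a host whose bursts are expected and escalated otherwise. A real expert system would carry far richer context (asset criticality, time of day, prior alerts), but the decision structure is the same.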

This work has been partly supported by the project "Smart-Health 2.0" (PON04a2_C/20).




Correspondence to Mario Sicuranza.


Copyright information

© 2015 Springer International Publishing Switzerland


Cite this paper

Sicuranza, M., Paragliola, G., Di Sarno, C., Garofalo, A. (2015). An Hybrid Architecture to Enhance Attacks Detection on IT infrastructure. In: Camacho, D., Braubach, L., Venticinque, S., Badica, C. (eds) Intelligent Distributed Computing VIII. Studies in Computational Intelligence, vol 570. Springer, Cham. https://doi.org/10.1007/978-3-319-10422-5_45


  • DOI: https://doi.org/10.1007/978-3-319-10422-5_45

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-10421-8

  • Online ISBN: 978-3-319-10422-5
