Abstract
Nowadays, IT systems are widely used to support the services offered by any infrastructure. This improves business processes, but on the other hand it exposes the infrastructure to cyber-attacks. Misuse detection and anomaly detection are two widely adopted approaches to discovering known and unknown cyber-attacks, respectively. In this paper we provide an overview of the techniques currently adopted for misuse and anomaly detection, and we discuss a conceptual architecture that exploits the advantages of both to improve cyber-security. We also provide a conceptual description of an expert system that resolves conflicts arising from detection mismatches between the misuse and anomaly detection techniques.
This work has been partly supported by the project "Smart-Health 2.0" (PON04a2_C/20).
Copyright information
© 2015 Springer International Publishing Switzerland
Cite this paper
Sicuranza, M., Paragliola, G., Di Sarno, C., Garofalo, A. (2015). An Hybrid Architecture to Enhance Attacks Detection on IT infrastructure. In: Camacho, D., Braubach, L., Venticinque, S., Badica, C. (eds) Intelligent Distributed Computing VIII. Studies in Computational Intelligence, vol 570. Springer, Cham. https://doi.org/10.1007/978-3-319-10422-5_45
DOI: https://doi.org/10.1007/978-3-319-10422-5_45
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-10421-8
Online ISBN: 978-3-319-10422-5
eBook Packages: Engineering (R0)