IDS rule management made easy
- Afzal, Zeeshan, 1991- (author)
- Karlstads universitet, Institutionen för matematik och datavetenskap (from 2013), PriSec
- Lindskog, Stefan, 1967- (author)
- Karlstads universitet, Institutionen för matematik och datavetenskap (from 2013), PriSec
- IEEE, 2016
- English.
Part of: Electronics, Computers and Artificial Intelligence (ECAI), 2016 8th International Conference on. - : IEEE. - 9781509020485 - 9781509020478
Abstract
- Signature-based intrusion detection systems (IDSs) are commonly utilized in enterprise networks to detect and possibly block a wide variety of attacks. Their application in industrial control systems (ICSs) is also growing rapidly as modern ICSs increasingly use open standard protocols instead of proprietary. Due to an ever changing threat landscape, the rulesets used by these IDSs have grown large and there is no way to verify their precision or accuracy. Such broad and non-optimized rulesets lead to false positives and an unnecessary burden on the IDS, resulting in possible degradation of the security. This work proposes a methodology consisting of a set of tools to help optimize the IDS rulesets and make rule management easier. The work also provides attack traffic data that is expected to benefit the task of IDS assessment.
Subject headings
- NATURAL SCIENCES -- Computer and Information Sciences -- Computer Sciences (hsv//eng)
Publication and content type
- ref (subject category)
- kon (subject category)