DOI 10.14456/jait.2021.6
Creator Jatuphum Juanchaiyaphum
Title Intrusion Alert Framework using Semantic Web and Data Mining Approach
Contributor Preecha Noiumkar, Vuttichai Vichaianchai
Publisher Faculty of Informatics, Mahasarakham University
Publication Year 2021
Journal Title Journal of Applied Informatics and Technology
Journal Vol. 3
Journal No. 2
Page no. 63-81
Keyword Intrusion alert analysis, Alert correlation, Ontology, Attack scenarios
URL Website https://ph01.tci-thaijo.org/index.php/jait/
Website title Journal of Applied Informatics and Technology
ISSN 2586-8136
Abstract This research proposes a combination of semantic web and data mining approaches to examine alert logs and reconstruct attack scenarios, which provide crucial evidence for understanding the damaging effects that emerge from the attack scenarios. The method extracts information from low-level alerts using ontological knowledge, and candidate attack scenarios are generated using relationships between alerts defined by applying the Cyber Kill Chain concept. Afterward, an association rule algorithm is applied to mine frequent sequential attack patterns from the candidate attack scenarios. Experiments using the DARPA 2000 LLDOS 1.0 dataset indicated that the proposed approach is effective; it reduces false alerts and extracts useful information that can solve the direct problems and cut the analysis time. A comparison of the proposed approach with related alert-correlation approaches showed that it is more effective than the others, particularly in completeness and soundness.
Digital File

Bibliography

Jatuphum Juanchaiyaphum and Preecha Noiumkar; Vuttichai Vichaianchai. (2021) Intrusion Alert Framework using Semantic Web and Data Mining Approach. Journal of Applied Informatics and Technology, 3(2), 63-81.
Jatuphum Juanchaiyaphum and Preecha Noiumkar; Vuttichai Vichaianchai. "Intrusion Alert Framework using Semantic Web and Data Mining Approach". Journal of Applied Informatics and Technology 3 (2021):63-81.
Jatuphum Juanchaiyaphum and Preecha Noiumkar; Vuttichai Vichaianchai. Intrusion Alert Framework using Semantic Web and Data Mining Approach. Faculty of Informatics, Mahasarakham University: n.p. 2021.