@inproceedings{63fcb6d43edf4a5299fd01fe872de168,
title = "Methods and techniques to identify security incidents using domain knowledge and contextual information",
abstract = "a recent trend in intrusion detection is toward utilizing knowledge-based IDSs. Knowledge-based IDSs store knowledge about cyber-attacks and possible vulnerabilities and use this knowledge to guide the process of attack prediction. One significant limitation of knowledge-based IDSs is the lack of contextual information and domain knowledge used to detect attacks. Contextual information is not only the configuration on the targeted systems and their vulnerabilities. It also covers semantic relationships between malicious activities. In addition, domain knowledge extracted from taxonomies about those activities is a significant contextual factor in attack identification. To overcome these limitations, this work introduces a novel contextual framework which consists of several attack prediction models that are utilized in conjunction with IDSs to detect cyber-attacks.",
keywords = "Context, Cyber Security, Data mining, Domain knowledge, Intrusion detection",
author = "Ahmed AlEroud and George Karabatis",
note = "Publisher Copyright: {\textcopyright} 2017 IFIP.; 15th IFIP/IEEE International Symposium on Integrated Network and Service Management, IM 2017 ; Conference date: 08-05-2017 Through 12-05-2017",
year = "2017",
month = jul,
day = "20",
doi = "10.23919/INM.2017.7987435",
language = "English (US)",
series = "Proceedings of the IM 2017 - 2017 IFIP/IEEE International Symposium on Integrated Network and Service Management",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
pages = "1040--1045",
editor = "Prosper Chemouil and Paulo Simoes and Edmundo Madeira and Stefano Secci and Edmundo Monteiro and Gaspary, {Luciano Paschoal} and {dos Santos}, {Carlos Raniery P.} and Marinos Charalambides",
booktitle = "Proceedings of the IM 2017 - 2017 IFIP/IEEE International Symposium on Integrated Network and Service Management",
}