Cyber Attack Detection Using Contextual Semantics

ABSTRACT. We present a layered cyber-attack detection system with semantics and context capabilities. The described approach has been implemented in a prototype system that uses semantic information about related attacks to infer all possible suspicious network activities from connections between hosts. The relevant attacks generated by semantic techniques are forwarded to context filters that use attack context profiles and host contexts to filter out irrelevant attacks. Experiments on the KDD 1999 intrusion detection dataset have shown high precision and recall values for the system compared with previous approaches.

