APHRODITE: an Anomaly-based Architecture for False Positive Reduction

Bolzoni, D. and Etalle, S. (2006) APHRODITE: an Anomaly-based Architecture for False Positive Reduction. [Report]

Abstract: We present APHRODITE, an architecture designed to reduce
false positives in network intrusion detection systems. APHRODITE
works by detecting anomalies in the output traffic, and by correlating
them with the alerts raised by the NIDS working on the input traffic.
Benchmarks show a substantial reduction of false positives and that
APHRODITE is effective also after a “quick setup”, i.e. in the realistic
case in which it has not been “trained” and set up optimally.
Item Type: Report
Faculty: Electrical Engineering, Mathematics and Computer Science (EEMCS)
Research Group:
Link to this item: http://purl.utwente.nl/publications/66336
Official URL: http://arxiv.org/abs/cs.CR/0604026


Metis ID: 237407