APHRODITE: an Anomaly-based Architecture for False Positive Reduction
|Abstract:||We present APHRODITE, an architecture designed to reduce|
false positives in network intrusion detection systems. APHRODITE
works by detecting anomalies in the output traffic, and by correlating
them with the alerts raised by the NIDS working on the input traffic.
Benchmarks show a substantial reduction of false positives and that
APHRODITE is effective also after a “quick setup�?, i.e. in the realistic
case in which it has not been “trained�? and set up optimally.
Electrical Engineering, Mathematics and Computer Science (EEMCS)
|Link to this item:||http://purl.utwente.nl/publications/66336|
|Export this item as:||BibTeX|
Show download statistics for this publication
Daily downloads in the past month
Monthly downloads in the past 12 months
Repository Staff Only: item control page
Metis ID: 237407