Classifying Host Anomalies: Using Ontology in Information Security Monitoring

View Sample PDF

Author(s): Suja Ramachandran (Bhabha Atomic Research Centre, India), R.S. Mundada (Bhabha Atomic Research Centre, India), A.K. Bhattacharjee (Bhabha Atomic Research Centre, India), C.S.R.C. Murthy (Bhabha Atomic Research Centre, India)and R. Sharma (Bhabha Atomic Research Centre, India)
Copyright: 2011
Pages: 17
Source title: Cyber Security, Cyber Crime and Cyber Forensics: Applications and Perspectives
Source Author(s)/Editor(s): Raghu Santanam (Arizona State University, USA), M. Sethumadhavan (Amrita University, India)and Mohit Virendra (Brocade Communications Systems, USA)
DOI: 10.4018/978-1-60960-123-2.ch006

Keywords: Digital Crime & Forensics / Information Science Reference / IT Security and Ethics / Security & Forensics

Purchase

View Classifying Host Anomalies: Using Ontology in Information Security Monitoring on the publisher's website for pricing and purchasing information.

Abstract

In this chapter, the authors propose an ontology based approach to classify the anomalous events occurring in a number of hosts, thus filtering the interesting or non-trivial events requiring immediate attention from a set of events. An ontology is developed to structure the domain of anomaly detection. It expresses the semantic relationships among the attributes of an anomaly detection system and events collected by it. The system harnesses the reasoning capability of ontology and that of inference engine to make meaningful assumptions about anomaly events. This enables automatic classification of the reported anomalies based on the functionality and significance of the originating host as well as the associated system resource or parameter.

The IRMA Community

Research IRM

Classifying Host Anomalies: Using Ontology in Information Security Monitoring

Purchase

Abstract

Related Content

IRMA Sponsors