Home > Publications
Home University of Twente
Prospective Students
Intranet (internal)

EEMCS EPrints Service

6849 APHRODITE: an Anomaly-based Architecture for False Positive Reduction
Home Policy Brochure Browse Search User Area Contact Help

Bolzoni, D. and Etalle, S. (2006) APHRODITE: an Anomaly-based Architecture for False Positive Reduction. Technical Report TR-CTIT-06-13, Centre for Telematics and Information Technology University of Twente, Enschede. ISSN 1381-3625

This is the latest version of this eprint.

Full text available as:


225 Kb
Open Access

Official URL:

Exported to Metis


We present APHRODITE, an architecture designed to reduce
false positives in network intrusion detection systems. APHRODITE
works by detecting anomalies in the output traffic, and by correlating
them with the alerts raised by the NIDS working on the input traffic.
Benchmarks show a substantial reduction of false positives and that
APHRODITE is effective also after a “quick setup�?, i.e. in the realistic
case in which it has not been “trained�? and set up optimally.

Item Type:Internal Report (Technical Report)
Research Group:EWI-DIES: Distributed and Embedded Security
Research Program:CTIT-ISTRICE: Integrated Security and Privacy in a Networked World
Research Project:IPID: Integrated Policy-based Intrusion Detection
Uncontrolled Keywords:Intrusion Detection, False Positives
ID Code:6849
Deposited On:06 October 2006
More Information:statisticsmetis

Available Versions of this Item

  • APHRODITE: an Anomaly-based Architecture for False Positive Reduction (deposited 06 October 2006)
    [Currently Displayed]

Export this item as:

To correct this item please ask your editor

Repository Staff Only: edit this item