EEMCS EPrints Service

Education

Research

Prospective Students

Jobs

Publications

Intranet (internal)

Nederlands

Contact

Sitemap

Organisation

6849 APHRODITE: an Anomaly-based Architecture for False Positive Reduction

Home Policy Brochure Browse Search User Area Contact Help

Bolzoni, D. and Etalle, S. (2006) APHRODITE: an Anomaly-based Architecture for False Positive Reduction. Technical Report TR-CTIT-06-13, Centre for Telematics and Information Technology University of Twente, Enschede. ISSN 1381-3625

This is the latest version of this eprint.

Full text available as:

PDF

- Requires a PDF viewer such as GSview, Xpdf or Adobe Acrobat Reader
225 Kb

Official URL: http://arxiv.org/abs/cs.CR/0604026

Abstract

We present APHRODITE, an architecture designed to reduce
false positives in network intrusion detection systems. APHRODITE
works by detecting anomalies in the output traffic, and by correlating
them with the alerts raised by the NIDS working on the input traffic.
Benchmarks show a substantial reduction of false positives and that
APHRODITE is effective also after a “quick setup�?, i.e. in the realistic
case in which it has not been “trained�? and set up optimally.

Item Type:	Internal Report (Technical Report)
Research Group:	EWI-DIES: Distributed and Embedded Security
Research Program:	CTIT-ISTRICE: Integrated Security and Privacy in a Networked World
Research Project:	IPID: Integrated Policy-based Intrusion Detection
Uncontrolled Keywords:	Intrusion Detection, False Positives
ID Code:	6849
Deposited On:	06 October 2006
Refereed:	No
More Information:	statistics metis

Available Versions of this Item

APHRODITE: an Anomaly-based Architecture for False Positive Reduction (deposited 06 October 2006)
[Currently Displayed]

Export this item as:

To correct this item please ask your editor

Repository Staff Only: edit this item