Apparatus and method for improving detection performance of intrusion detection system

An apparatus for improving detection performance of an intrusion detection system includes a transformed detected data generation unit for changing original detected data, detected based on current detection rules, to transformed detected data complying with transformed detected data standard. A tra...

Full description

Saved in:
Bibliographic Details
Main Authors LEE TAEKKYU, OH HYUNG GEUN, HONG SOONJWA, LEE SEOKWON, LEE NAMHOON, KIM GEUNYONG, JUNG KYUCHEOL, SOHN KI WOOK
Format Patent
LanguageEnglish
Published 01.03.2016
Subjects
CALCULATING
COMPUTING
COUNTING
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRIC DIGITAL DATA PROCESSING
ELECTRICITY
PHYSICS
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online AccessGet full text

Cover

More Information
Summary:An apparatus for improving detection performance of an intrusion detection system includes a transformed detected data generation unit for changing original detected data, detected based on current detection rules, to transformed detected data complying with transformed detected data standard. A transformed detected data classification unit classifies the transformed detected data by attack type, classifies transformed detected data for attack types by current detection rule, and classifies transformed detected data for detection rules into true positives/false positives. A transformed keyword tree generation unit generates a true positive transformed keyword tree and a false positive transformed keyword tree. A true positive path identification unit generates a true positive node, and identifies a true positive path connecting a base node to the true positive node in the true positive transformed keyword tree. A true positive detection pattern generation unit generates a true positive detection pattern based on the true positive path.
Bibliography:Application Number: US201414338917