Title: A semantic web enabled host intrusion detection system

Authors: Özgü Can; Murat Osman Ünallır; Emine Sezer; Okan Bursa; Batuhan Erdoğdu

Addresses: Department of Computer Engineering, Ege University, 35100 Bornova-İzmir, Turkey; Department of Computer Engineering, Ege University, 35100 Bornova-İzmir, Turkey; Department of Computer Engineering, Ege University, 35100 Bornova-İzmir, Turkey; Department of Computer Engineering, Ege University, 35100 Bornova-İzmir, Turkey; Department of Computer Engineering, Ege University, 35100 Bornova-İzmir, Turkey

Abstract: Security has preeminent importance in today's technological environment. In recent years, as cyber-attacks have emerged, new security concerns have arisen. In order to overcome the serious consequences of these cyber-attacks, fully functioning and performance-improved intrusion detection systems are required. In this work, we propose a semantic web based host intrusion detection system to reduce the search time for malware scanning and to improve the performance of intrusion detection systems. For this purpose, we used ontologies to provide semantic expressiveness and knowledge description for an intrusion detection system. The proposed ontology-based intrusion detection system scans for malware running on the operating system. Services and processes running on the system are also scanned, and the results are compared with a malware database. If any match occurs, the proposed system displays a list of the matching malware, with the information on each malware and where it is running.

Keywords: HIDS; host intrusion detection system; IDS; intrusion detection system; semantic web; ontology.

DOI: 10.1504/IJMSO.2018.096455

International Journal of Metadata, Semantics and Ontologies, 2018 Vol.13 No.1, pp.68 - 74

Received: 27 Mar 2018
Accepted: 12 Sep 2018

Published online: 03 Dec 2018
