Skip to Main Content
In cooperative intrusion detection, several intrusion detection systems (IDS), network analyzers, vulnerability analyzers and other analyzers are deployed in order to get an overview of the system under consideration. In this case, the definition of a shared vocabulary describing the different information is prominent. Since these pieces of information are structured, we first propose to use description logics which ensure the reasoning decidability. Besides, the analyzers used in cooperative intrusion detection are not totally reliable. The second contribution of this paper is to handle these inconsistencies induced by the use of several analyzers using the so-called partial lexicographic inference.