Grouping and clustering intrusion detection alerts based on the similarity of their features is referred to as structural-based alert correlation, and it can discover a list of attack steps. Previous researchers selected different features and data sources manually, based on their knowledge and experience, which leads to less accurate identification of attack steps and inconsistent clustering accuracy. Furthermore, existing alert correlation systems deal with a huge amount of data containing null values, incomplete information and irrelevant features, which makes the analysis of the alerts tedious, time-consuming and error-prone. Therefore, this paper focuses on selecting accurate and significant alert features that are appropriate to represent the attack steps, thereby enhancing the structural-based alert correlation model. A two-tier feature selection method is proposed to obtain the significant features. The first tier ranks the subset of features by information gain entropy in decreasing order. The second tier extends the set with additional features that have better discriminative ability than the initially ranked features. Performance analysis results show the significance of the selected features in terms of clustering accuracy using the 2000 DARPA intrusion detection scenario-specific dataset.
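As an added illustration of the two-tier idea (a constructed example, not the paper's code or data): tier one ranks candidate alert features by information gain against the attack-step label, and tier two, in a simple forward-selection reading of the abstract's description rather than the paper's exact rule, keeps a further feature only if it adds discriminative power beyond the features already selected. The alert records, feature names and step labels are all constructed; a feature missing from a record is treated as a null value.

```python
import math
from collections import Counter

# Constructed alert records (illustrative only, not DARPA 2000 data). Each alert
# carries candidate features plus the attack step it belongs to ("step").
# "notes" is deliberately absent everywhere, standing in for an all-null column.
ALERTS = [
    {"sig": "PING_SWEEP",   "proto": "icmp", "dst_port": None, "sensor": "dmz",    "step": "probe"},
    {"sig": "PING_SWEEP",   "proto": "icmp", "dst_port": None, "sensor": "dmz",    "step": "probe"},
    {"sig": "PORTMAP_REQ",  "proto": "udp",  "dst_port": 111,  "sensor": "dmz",    "step": "probe"},
    {"sig": "RPC_OVERFLOW", "proto": "udp",  "dst_port": 111,  "sensor": "dmz",    "step": "exploit"},
    {"sig": "RPC_OVERFLOW", "proto": "udp",  "dst_port": 111,  "sensor": "inside", "step": "exploit"},
    {"sig": "RSH_LOGIN",    "proto": "tcp",  "dst_port": 514,  "sensor": "inside", "step": "install"},
    {"sig": "RSH_LOGIN",    "proto": "tcp",  "dst_port": 514,  "sensor": "inside", "step": "install"},
    {"sig": "RSH_LOGIN",    "proto": "udp",  "dst_port": None, "sensor": "inside", "step": "launch"},
]
FEATURES = ["sig", "proto", "dst_port", "sensor", "notes"]

def entropy(labels):
    """Shannon entropy (bits) of a sequence of labels."""
    n = len(labels)
    return -sum(c / n * math.log2(c / n) for c in Counter(labels).values())

def information_gain(alerts, features, target="step"):
    """Gain of knowing the tuple of `features` about `target`; None is a value."""
    base = entropy([a[target] for a in alerts])
    groups = {}
    for a in alerts:
        groups.setdefault(tuple(a.get(f) for f in features), []).append(a[target])
    cond = sum(len(g) / len(alerts) * entropy(g) for g in groups.values())
    return base - cond

def rank_features(alerts, features, target="step"):
    """Tier one: rank single features by information gain, highest first."""
    return sorted(((f, information_gain(alerts, [f], target)) for f in features),
                  key=lambda fg: -fg[1])

def extend_features(alerts, ranked, target="step", eps=1e-9):
    """Tier two (forward selection): walk the ranked list and keep a feature
    only if it raises the joint gain of the features selected so far."""
    selected, best = [], 0.0
    for f, gain in ranked:
        if gain <= eps:        # zero-gain features (e.g. all-null columns) are dropped
            break
        joint = information_gain(alerts, selected + [f], target)
        if joint > best + eps:
            selected.append(f)
            best = joint
    return selected, best

if __name__ == "__main__":
    ranked = rank_features(ALERTS, FEATURES)
    print("tier one:", [(f, round(g, 3)) for f, g in ranked])
    print("tier two:", extend_features(ALERTS, ranked))
```

On this constructed data the signature alone leaves the install and launch steps mixed, and tier two picks up `dst_port` because it separates them, while `proto` and `sensor` add nothing further and the all-null `notes` column is discarded.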
The integration of medical equipment into the Internet of Things (IoT) led to the introduction of the Internet of Medical Things (IoMT). A variety of IoT devices has been deployed in medical facilities. These devices provide convenience to healthcare providers, since they can continuously monitor their patients in real time while allowing the patients greater physical flexibility and mobility. However, users of healthcare services (such as patients and medical staff) are often less concerned about the security issues associated with IoT. This aggravates existing problems and jeopardizes the lives of patients by making them susceptible to attacks. Furthermore, IoMT applications, which handle sensitive patient information, have direct access to healthcare services. Therefore, it is extremely important to establish and preserve the security and privacy of IoMT, which further justifies the need to investigate and address the related issues. Despite the existing literature on security and privacy mechanisms, the domain still requires more attention. Therefore, this paper aims to discuss the security and privacy principles, as well as the challenges, associated with IoMT. A comprehensive analysis of privacy and security solutions for IoMT is also presented. In addition, we introduce a novel taxonomy of IoMT security and privacy based on cyber security principles such as "govern," "protect," and "detect." In conclusion, this paper provides a discussion of existing challenges and future directions for researchers.