Intelligent Correlator for NIDS

Author

  • Marco Bove
Abstract

In today's NIDS, the number of alerts may be huge, and the delay between the generation of an alert and its analysis by the system administrator can be too long: the situation may have changed in the meantime, e.g. with dual-boot Unix-Windows machines. We would therefore like to assign a low priority to irrelevant alerts or filter them out. We would also like to gather more information about the target of the attack at the time the attack was performed. The goal of this work is to build a prototype system that reduces the number of false positives of a NIDS by triggering real-time collection of information upon alert reception.


Similar resources

Hardware-Software Hybrid Packet Processing for Intrusion Detection Systems

Security is a major issue in today’s communication networks. Designing network intrusion detection systems (NIDS) calls for high performance circuits in order to keep up with the rising data rates. Offloading software processing to hardware realizations is not an economically viable solution and hence hardware-software based hybrid solutions for the NIDS scenario are discussed in literature. By...


National immunisation days for polio eradication in Uganda: did immunisation cards increase coverage?

OBJECTIVE To analyse the effect of cards and of vitamin A supplementation on coverage for National Immunisation Days (NIDs). DESIGN A retrospective ecological study. SETTING A countrywide NIDs coverage before and after introduction of the NIDs cards and vitamin A supplementation in all districts of Uganda. METHODS NIDs for polio eradication commenced in Uganda in 1996. Two rounds, one mon...


A Review on Hybrid Fingerprinting on Internet Traffic

Countless have been proposed on intrusion detection system, which prompts the execution of executor based intelligent IDS (IIDS), Non – intelligent IDS (NIDS), signature based IDS and so on. While building such IDS models, taking in calculations from stream of system movement assume essential part in precision of IDS frameworks. The proposed work concentrates on actualizing the novel strategy t...


A Novel Multi-layered Immune Network Intrusion Detection Defense Model: MINID

Today network security has become an everyday problem with virtually all computers connected to the Internet. Intrusion detection serves the important function of identifying malicious activities and determining their nature, origin, and seriousness. Inspired by the many excellent characteristics of biological immune System (BIS), the network intrusion detection system (NIDS) which based on art...


Capacity Verification for High Speed Network Intrusion Detection Systems

Commercially available network intrusion detection systems (NIDS) came onto the market over six years ago. These systems have gained acceptance as a viable means of monitoring the security of consumer networks, yet no commercial standards exist to help consumers understand the capacity characteristics of these devices. Existing NIDS tests are flawed. These tests resemble the same tests used wit...



Publication date: 2015