The approach proposed in this paper involves the creation of a new algorithm for analyzing correlation alerts and providing the correct information regarding the detection of various types of security attacks, such as DDoS. It also enables the evaluation of the attack status, the degree of danger from the viewpoint of a managed network environment and the assets protected by the security device...

The main use of intrusion detection systems (IDS) is to detect attacks against information systems and networks. Normal use of the network and its functioning can also be monitored with an IDS. It can be used to control, for example, the use of management and signaling protocols, or the network traffic related to some less critical aspects of system policies. These complementary usages can gene...

We present a new kind of network perimeter monitoring strategy, which focuses on recognizing the infection and coordination dialog that occurs during a successful malware infection. BotHunter is an application designed to track the two-way communication flows between internal assets and external entities, developing an evidence trail of data exchanges that match a state-based infection sequence...

The USC GridSec project develops distributed security infrastructure and self-defense capabilities to secure wide-area networked resource sites participating in a Grid application. We report new developments in trust modeling, security-binding methodology, and defense architecture against intrusions, worms, and flooding attacks. We propose a novel architectural design of Grid security infrastru...

One of the most important topics in the field of intrusion detection systems is to find a solution to reduce the overwhelming alerts generated by IDSs in the network. Inspired by danger theory which is one of the most important theories in artificial immune system (AIS) we proposed a complementary subsystem for IDS which can be integrated into any existing IDS models to aggregate the alerts in ...

The scarcity of cost-effective patient identification methods represents a significant barrier to clinical research. Research recruitment alerts have been designed to facilitate physician referrals but limited support is available to clinical researchers. We conducted a retrospective data analysis to evaluate the efficacy of a real-time patient identification alert delivered to clinical researc...

Intrusion detection is an important protection tool for computer systems and networks. In recent years it has become an essential piece in the IT security infrastructure of large organizations. Even though intrusion detection systems are installed in an increasing rate, they are often misused as the quality of alerts they produce is not satisfactory. High alert volume, high false positives rate...

BACKGROUND Simultaneous intracortical recordings of neural activity and blood-oxygen-level-dependent (BOLD) functional magnetic resonance imaging (fMRI) in primary visual cortex of anesthetized monkeys demonstrated varying degrees of correlation between fMRI signals and the different types of neural activity, such as local field potentials (LFPs), multiple-unit activity (MUA), and single-unit a...

Intrusion detection analysts are often swamped by multitudes of alerts originating from installed intrusion detection systems (IDS) as well as logs from routers and firewalls on the networks. Properly managing these alerts and correlating them to previously seen threats is critical in the ability to effectively protect a network from attacks. Manually correlating events can be a slow tedious ta...