نتایج جستجو برای: alert correlation
تعداد نتایج: 403255 فیلتر نتایج به سال:
Event Correlation used to be a widely used technique for interpreting alert logs and discovering network attacks. However, due to the scale and complexity of today’s networks and attacks, alert logs produced by these modern networks are much larger in volume and difficult to analyse. In this research we show that adding post-correlation methods can be used alongside correlation to significantly...
One of the most important challenges facing the intrusion detection systems (IDSs) is the huge number of generated alerts. A system administrator will be overwhelmed by these alerts in such a way that she/he cannot manage and use the alerts. The best-known solution is to correlate low-level alerts into a higher level attack and then produce a high-level alert for them. In this paper a new autom...
The paper describes the design and development of an efficient visualization tool called security console for monitoring security related events in a large agent society (CougaarTM). This administrative tool is primarily used to collect and process alert messages generated by various sensors across the distributed agent society. This tool exploits the agents’ hierarchical structural for aggrega...
With the growing deployment of host-based and network-based intrusion detection systems in increasingly large and complex communication networks, managing low-level alerts from these systems becomes critically important. Probes of multiple distributed firewalls (FWs), intrusion detection systems (IDSs) or intrusion prevention systems (IPSs) are collected throughout a monitored network such that...
Current information protection systems only detect and warn against individual intrusion, and are not able to provide a collective and synthesized alert message. In this paper, we propose a new Meta-IDS system which is called “SIA System”. The SIA system can filter redundant alert messages, analyze mixed attacks using correlation alert messages from each sensor and respond to security threats q...
An intrusion detection system (IDS) is generally limited by having a single detection model and a single information source for detecting attacks. Multi-sensor (or meta) intrusion detection addresses this problem by combining results of multiple IDSs and providing global decisions. Nearly all current meta-IDSs are either statistics-based or logical rule-based and typically require substantial h...
نمودار تعداد نتایج جستجو در هر سال
با کلیک روی نمودار نتایج را به سال انتشار فیلتر کنید