Search results for: alert correlation

Number of results: 403255

Journal: International Journal of Computer Network and Information Security 2013

Journal: Computers & Security 2015
Riyanat Shittu, Alex Healing, Robert A. Ghanea-Hercock, Robin E. Bloomfield, Muttukrishnan Rajarajan

Event Correlation used to be a widely used technique for interpreting alert logs and discovering network attacks. However, due to the scale and complexity of today’s networks and attacks, alert logs produced by these modern networks are much larger in volume and difficult to analyse. In this research we show that adding post-correlation methods can be used alongside correlation to significantly...

Journal: I. J. Network Security 2013
Mehdi Bateni, Ahmad Baraani, Ali Ghorbani

One of the most important challenges facing the intrusion detection systems (IDSs) is the huge number of generated alerts. A system administrator will be overwhelmed by these alerts in such a way that she/he cannot manage and use the alerts. The best-known solution is to correlate low-level alerts into a higher level attack and then produce a high-level alert for them. In this paper a new autom...

2005
Dipankar Dasgupta, José M. Rodríguez, Sankalp Balachandran

The paper describes the design and development of an efficient visualization tool called security console for monitoring security related events in a large agent society (Cougaar™). This administrative tool is primarily used to collect and process alert messages generated by various sensors across the distributed agent society. This tool exploits the agents’ hierarchical structural for aggrega...

2016
Mona Lange, Felix Kuhr, Ralf Möller

With the growing deployment of host-based and network-based intrusion detection systems in increasingly large and complex communication networks, managing low-level alerts from these systems becomes critically important. Probes of multiple distributed firewalls (FWs), intrusion detection systems (IDSs) or intrusion prevention systems (IPSs) are collected throughout a monitored network such that...

Journal: Computers and Artificial Intelligence 2005
Keun-Hee Han, Il-Gon Kim, Kang-Won Lee, Ji-Yeon Choi, Sang-Hun Jeon

Current information protection systems only detect and warn against individual intrusion, and are not able to provide a collective and synthesized alert message. In this paper, we propose a new Meta-IDS system which is called “SIA System”. The SIA system can filter redundant alert messages, analyze mixed attacks using correlation alert messages from each sensor and respond to security threats q...

2005
Jidong Long, Daniel Schwartz, Sara Stoecklin

An intrusion detection system (IDS) is generally limited by having a single detection model and a single information source for detecting attacks. Multi-sensor (or meta) intrusion detection addresses this problem by combining results of multiple IDSs and providing global decisions. Nearly all current meta-IDSs are either statistics-based or logical rule-based and typically require substantial h...
