
IJNSEC
2007

A Rule-based Temporal Alert Correlation System

This paper reports research addressing the large number of alerts generated by the detectors in an intrusion detection system. Some of these alerts are redundant and should be aggregated into a single alert; others form a recognisable attack pattern and should be correlated into one incident. Together these operations are referred to as alert correlation, and the paper explains them in more detail. The paper proposes a rule-based approach to the problem: an inference engine derives the correlation between alerts using a scenario-based knowledge base and aggregates redundant alerts. Experimental results based on sample alerts and attack scenarios are reported.
Peyman Kabiri, Ali A. Ghorbani
Added 15 Dec 2010
Updated 15 Dec 2010
Type Journal
Year 2007
Where IJNSEC
Authors Peyman Kabiri, Ali A. Ghorbani
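The abstract describes two stages, aggregating redundant alerts and matching the remaining alerts against attack scenarios held in a knowledge base. The sketch below is an added example written for this page, not code from the paper or its authors; the alert fields, signature names, the "scan, exploit, shell" scenario, the 60-second aggregation window and the 600-second step gap are all assumptions chosen to make the two stages visible on constructed sample input.

```python
"""Toy rule-based temporal alert correlator (added example, not the paper's code).

Stage 1 folds redundant alerts (same signature, source, destination within a
time window) into one alert with a count. Stage 2 walks the aggregated alerts
per (src, dst) pair and advances a per-scenario step pointer when the next
expected signature arrives within max_gap seconds of the previous step.
Field names, signatures and the scenario are assumptions for illustration.
"""
from collections import defaultdict
from dataclasses import dataclass
from typing import Dict, List, Tuple


@dataclass
class Alert:
    ts: float        # detector timestamp, epoch seconds
    sig: str         # detector signature name (assumed naming)
    src: str
    dst: str
    count: int = 1   # number of raw alerts folded into this one


@dataclass
class Scenario:
    name: str
    steps: List[str]   # ordered signature names that make up the attack pattern
    max_gap: float     # maximum seconds allowed between consecutive steps


def aggregate(alerts: List[Alert], window: float) -> List[Alert]:
    """Fold alerts with identical (sig, src, dst) that arrive within `window`
    seconds of the first alert of their group into a single counted alert."""
    out: List[Alert] = []
    open_groups: Dict[Tuple[str, str, str], Alert] = {}
    for a in sorted(alerts, key=lambda x: x.ts):
        key = (a.sig, a.src, a.dst)
        g = open_groups.get(key)
        if g is not None and a.ts - g.ts <= window:
            g.count += a.count          # redundant alert: bump the count only
            continue
        fresh = Alert(a.ts, a.sig, a.src, a.dst, a.count)
        open_groups[key] = fresh        # window is measured from the group's first alert
        out.append(fresh)
    return out


def correlate(alerts: List[Alert], kb: List[Scenario]) -> List[dict]:
    """Match aggregated alerts against each scenario in the knowledge base and
    emit one incident per (src, dst) pair whose alerts complete a scenario.
    Alerts that are not the next expected step are skipped as noise; a step
    arriving after max_gap makes the partial chain stale and it is restarted."""
    by_pair: Dict[Tuple[str, str], List[Alert]] = defaultdict(list)
    for a in sorted(alerts, key=lambda x: x.ts):
        by_pair[(a.src, a.dst)].append(a)

    incidents: List[dict] = []
    for (src, dst), seq in by_pair.items():
        for sc in kb:
            matched: List[Alert] = []
            for a in seq:
                step = len(matched)
                if step == len(sc.steps):
                    break
                if a.sig != sc.steps[step]:
                    continue
                if matched and a.ts - matched[-1].ts > sc.max_gap:
                    # chain went stale; this alert may itself be a new first step
                    matched = [a] if a.sig == sc.steps[0] else []
                    continue
                matched.append(a)
            if len(matched) == len(sc.steps):
                incidents.append({
                    "scenario": sc.name, "src": src, "dst": dst,
                    "start": matched[0].ts, "end": matched[-1].ts,
                    "evidence": [(m.sig, m.count) for m in matched],
                })
    return incidents


# Knowledge base with a single assumed scenario.
KNOWLEDGE_BASE = [
    Scenario("scan-exploit-shell",
             ["PORTSCAN", "EXPLOIT_ATTEMPT", "OUTBOUND_SHELL"], max_gap=600.0),
]


def sample_alerts() -> List[Alert]:
    """Constructed sample input, not real detector output."""
    raw = [Alert(float(t), "PORTSCAN", "10.0.0.5", "10.0.0.20") for t in range(50)]
    raw += [
        Alert(120.0, "EXPLOIT_ATTEMPT", "10.0.0.5", "10.0.0.20"),
        Alert(300.0, "OUTBOUND_SHELL", "10.0.0.5", "10.0.0.20"),
        # second source shows the same steps, but too far apart to be one attack
        Alert(10.0, "PORTSCAN", "10.0.0.9", "10.0.0.20"),
        Alert(5000.0, "EXPLOIT_ATTEMPT", "10.0.0.9", "10.0.0.20"),
        Alert(5100.0, "OUTBOUND_SHELL", "10.0.0.9", "10.0.0.20"),
    ]
    return raw


def run(alerts: List[Alert], kb=KNOWLEDGE_BASE, window: float = 60.0):
    """Aggregate, then correlate; returns (aggregated alerts, incidents)."""
    agg = aggregate(alerts, window)
    return agg, correlate(agg, kb)


if __name__ == "__main__":
    raw = sample_alerts()
    agg, incidents = run(raw)
    print(f"{len(raw)} raw alerts -> {len(agg)} after aggregation")
    for inc in incidents:
        print(inc)
```

On the constructed input the 50 port-scan alerts from 10.0.0.5 collapse into one alert with count 50 and the three steps from that host complete the scenario, while the second host's alerts, 4990 seconds apart, do not. Both the aggregation window and the per-step gap are tuning choices; too small a gap misses slow attacks, too large a one chains unrelated alerts together.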