An Alerts Correlation Technology for Large-Scale Network Intrusion Detection

Citations: 0
Authors
Yuan, Jingbo [1]
Ding, Shunli [1]
Affiliations
[1] NE Univ Qinhuangdao, Inst Informat Management Technol & Applicat, Qinhuangdao, Peoples R China
Source
WEB INFORMATION SYSTEMS AND MINING, PT I | 2011 / Vol. 6987
Keywords
intrusion detection; alert aggregation; alarm correlation; association rule mining;
DOI
Not available
Chinese Library Classification number
TP18 [Artificial intelligence theory];
Subject classification codes
081104 ; 0812 ; 0835 ; 1405 ;
Abstract
Intrusion detection is an important security tool. Intrusion detection systems are becoming ubiquitous defenses in today's networks. But some research has shown that the volume of alerts generated by intrusion detection systems can be overwhelming. Alert aggregation and alert correlation have the potential to reduce alert volume and improve detection performance. In this paper, an approach to correlating intrusion alerts based on association rule mining is proposed, which can effectively reduce repeated alerts and thereby reduce the false alarm rate.
Pages: 352 / +
Page count: 2
Related papers
50 in total
  • [21] Large-scale Intrusion Detection with Low-cost Multi-camera wireless image sensors
    Pham, Congduc
    2015 IEEE 11TH INTERNATIONAL CONFERENCE ON WIRELESS AND MOBILE COMPUTING, NETWORKING AND COMMUNICATIONS (WIMOB), 2015, : 484 - 491
  • [22] An Efficient Method for Evaluating Alerts of Intrusion Detection Systems
    Chakir, El Mostapha
    Moughit, Mohamed
    Idrissi Khamlichi, Youness
    2017 INTERNATIONAL CONFERENCE ON WIRELESS TECHNOLOGIES, EMBEDDED AND INTELLIGENT SYSTEMS (WITS), 2017,
  • [23] Applying alert correlation method in network intrusion detection system
    Li, WJ
    Zhang, DF
    Yang, XD
    8TH WORLD MULTI-CONFERENCE ON SYSTEMICS, CYBERNETICS, AND INFORMATICS, VOL XVI, PROCEEDINGS, 2004, : 516 - 521
  • [24] Network intrusion detection technology based on DeepInsight and transfer learning
    Liu, Wenqi
    Hu, Tao
    Yan, Jie
    Li, Huang
    Li, Shijia
    Ge, Hongjuan
    Gongcheng Kexue Xuebao/Chinese Journal of Engineering, 2024, 46 (12): : 2238 - 2245
  • [25] Intrusion Detection and Firewall Technology Combines Applied Research in the Campus Network
    Ye, Zhengwang
    Zheng, Yuhong
    PROCEEDINGS OF 2014 2ND INTERNATIONAL CONFERENCE IN HUMANITIES, SOCIAL SCIENCES AND GLOBAL BUSINESS MANAGEMENT (ISSGBM 2014), VOL 26, 2014, 26 : 89 - 92
  • [26] A Learning Framework for Transitioning Network Intrusion Alerts Management System to Ontology
    Fu, Chunlei
    Duan, Qichang
    Fu, Li
    Xiang, Hong
    Xiong, Zhongyang
    Hu, Haibo
    JOURNAL OF RESEARCH AND PRACTICE IN INFORMATION TECHNOLOGY, 2011, 43 (03): : 247 - 265
  • [27] Managing intrusion-detection alerts based on fuzzy comprehensive evaluation
    Mu, CP
    Huang, HK
    Tian, SF
    Proceedings of the 8th Joint Conference on Information Sciences, Vols 1-3, 2005, : 140 - 143
  • [28] Intrusion Detection Localization Method of Large Association Embedded Network Equipment
    Lang Liao
    Zhu Zhenjia
    PROCEEDINGS OF THE 2014 INTERNATIONAL CONFERENCE ON COMPUTER SCIENCE AND ELECTRONIC TECHNOLOGY, 2015, 6 : 293 - 296
  • [29] OutMet: A New Metric for Prioritising Intrusion Alerts using Correlation and Outlier Analysis
    Shittu, Riyanat
    Healing, Alex
    Ghanea-Hercock, Robert
    Bloomfield, Robin
    Muttukrishnan, Rajarajan
    2014 IEEE 39TH CONFERENCE ON LOCAL COMPUTER NETWORKS (LCN), 2014, : 322 - 330
  • [30] AI-powered intrusion detection in large-scale traffic networks based on flow sensing strategy and parallel deep analysis
    Vo, Hoang V.
    Du, Hanh P.
    Nguyen, Hoa N.
    JOURNAL OF NETWORK AND COMPUTER APPLICATIONS, 2023, 220