An Alerts Correlation Technology for Large-Scale Network Intrusion Detection

Cited by: 0
Authors
Yuan, Jingbo [1]
Ding, Shunli [1]
Affiliations
[1] NE Univ Qinhuangdao, Inst Informat Management Technol & Applicat, Qinhuangdao, Peoples R China
Source
WEB INFORMATION SYSTEMS AND MINING, PT I | 2011 / Vol. 6987
Keywords
intrusion detection; alert aggregation; alarm correlation; association rule mining;
DOI
Not available
Chinese Library Classification
TP18 [Artificial intelligence theory];
Discipline classification codes
081104 ; 0812 ; 0835 ; 1405 ;
Abstract
Intrusion detection is an important security tool. Intrusion detection systems are becoming ubiquitous defenses in today's networks. But some research has shown that the volume of alerts generated by intrusion detection systems can be overwhelming. Alert aggregation and alert correlation have the potential to reduce alert volume and improve detection performance. In this paper, an approach to correlating intrusion alerts based on association rule mining is proposed, which can effectively reduce repeated alerts and thereby reduce the false alarm rate.
Pages: 352 / +
Number of pages: 2
Related papers
50 in total
  • [31] Linear Correlation-Based Feature Selection for Network Intrusion Detection Model
    Eid, Heba F.
    Hassanien, Aboul Ella
    Kim, Tai-hoon
    Banerjee, Soumya
    ADVANCES IN SECURITY OF INFORMATION AND COMMUNICATION NETWORKS, 2013, 381 : 240 - +
  • [32] Intrusion detection force: An infrastructure for Internet-scale intrusion detection
    Teo, L
    Zheng, YL
    Ahn, GJ
    IWIA 2003: FIRST IEEE INTERNATIONAL WORKSHOP ON INFORMATION ASSURANCE, PROCEEDINGS, 2003, : 73 - 86
  • [33] Intrusion Detection Mechanism for Large Scale Networks using CNN-LSTM
    Karanam, Lokesh
    Pattanaik, Kiran Kumar
    Aldmour, Rakan
    2020 13TH INTERNATIONAL CONFERENCE ON DEVELOPMENTS IN ESYSTEMS ENGINEERING (DESE 2020), 2020, : 323 - 328
  • [34] High Performance Attack Estimation in Large-Scale Network Flows
    Freas, Christopher B.
    Harrison, Robert W.
    Long, Yuan
    2018 IEEE INTERNATIONAL CONFERENCE ON BIG DATA (BIG DATA), 2018, : 5014 - 5020
  • [36] Design of a Lightweight Network Intrusion Detection System Based on Artificial Intelligence Technology
    He, Li
    Journal of Cyber Security and Mobility, 2024, 13 (05): : 1129 - 1148
  • [37] An efficient network intrusion detection
    Chen, Chia-Mei
    Chen, Ya-Lin
    Lin, Hsiao-Chung
    COMPUTER COMMUNICATIONS, 2010, 33 (04) : 477 - 484
  • [38] Using homomorphic encryption for privacy-preserving clustering of intrusion detection alerts
    Georgios Spathoulas
    Georgios Theodoridis
    Georgios-Paraskevas Damiris
    International Journal of Information Security, 2021, 20 : 347 - 370
  • [39] Using homomorphic encryption for privacy-preserving clustering of intrusion detection alerts
    Spathoulas, Georgios
    Theodoridis, Georgios
    Damiris, Georgios-Paraskevas
    INTERNATIONAL JOURNAL OF INFORMATION SECURITY, 2021, 20 (03) : 347 - 370
  • [40] Survey of intrusion-detection alert aggregation and correlation techniques
    School of Computer and Information Technology, Beijing Jiaotong University, Beijing 100044, China
    Jisuanji Yanjiu yu Fazhan, 2006, 1 (1-8): : 1 - 8