An Alerts Correlation Technology for Large-Scale Network Intrusion Detection

Cited by: 0
Authors
Yuan, Jingbo [1]
Ding, Shunli [1]
Affiliations
[1] NE Univ Qinhuangdao, Inst Informat Management Technol & Applicat, Qinhuangdao, Peoples R China
Source
WEB INFORMATION SYSTEMS AND MINING, PT I | 2011 / Vol. 6987
Keywords
intrusion detection; alert aggregation; alarm correlation; association rule mining;
DOI
Not available
Chinese Library Classification number
TP18 [Artificial intelligence theory];
Discipline classification codes
081104 ; 0812 ; 0835 ; 1405 ;
Abstract
Intrusion detection is an important security tool. Intrusion detection systems are becoming ubiquitous defenses in today's networks. But some research has shown that the volume of alerts generated by intrusion detection systems can be overwhelming. Alert aggregation and alert correlation have the potential to reduce alert volume and improve detection performance. In this paper, an approach to correlating intrusion alerts based on association rule mining is proposed, which can effectively reduce repeated alerts and thereby reduce the false alarm rate.
Pages: 352 / +
Number of pages: 2
Related papers
50 in total
[41]   Anomaly detection schemes in network intrusion detection [J].
Corvera, S ;
Grau, JB ;
Andina, D .
Soft Computing with Industrial Applications, Vol 17, 2004, 17 :309-313
[42]   The Construction Research of Security Computer Network System Based on the Distributed Intrusion Detection Technology [J].
Huang, Xin ;
Wan, Rongze .
INTERNATIONAL JOURNAL OF SECURITY AND ITS APPLICATIONS, 2014, 8 (06) :185-196
[43]   Research on Network Intrusion Detection Technology based on IPv6 Protocol Analysis [J].
Li, Hongyan ;
Wang, Cong .
2011 INTERNATIONAL CONFERENCE ON FUTURE COMPUTER SCIENCE AND APPLICATION (FCSA 2011), VOL 3, 2011, :208-211
[44]   Network intrusion detection technology based on improved C-means clustering algorithm [J].
Wang, Yanjun .
Journal of Networks, 2013, 8 (11) :2541-2547
[45]   A Bayesian network-based approach for learning attack strategies from intrusion alerts [J].
Kavousi, Fatemeh ;
Akbari, Behzad .
SECURITY AND COMMUNICATION NETWORKS, 2014, 7 (05) :833-853
[46]   Intrusion detection system alerts fusion based on fuzzy comprehensive evaluation and immune evolution [J].
Liu, Jiaomin ;
Li, Yongzheng ;
Meng, Junying ;
Wang, Zhenzhou .
Journal of Computational Information Systems, 2013, 9 (04) :1509-1516
[47]   Deep Stacking Network for Intrusion Detection [J].
Tang, Yifan ;
Gu, Lize ;
Wang, Leiting .
SENSORS, 2022, 22 (01)
[48]   Neural network ensembles for intrusion detection [J].
Golovko, Vladimir ;
Kachurka, Pavel ;
Vaitsekhovich, Leanid .
IDAACS 2007: PROCEEDINGS OF THE 4TH IEEE WORKSHOP ON INTELLIGENT DATA ACQUISITION AND ADVANCED COMPUTING SYSTEMS: TECHNOLOGY AND APPLICATIONS, 2007, :578-583
[49]   Integrating intrusion detection and network management [J].
Qin, XH ;
Lee, W ;
Lewis, L ;
Cabrera, JBD .
NOMS 2002: IEEE/IFIP NETWORK OPERATIONS AND MANAGEMENT SYMPOSIUM: MANAGEMENT SOLUTIONS FOR THE NEW COMMUNICATIONS WORLD, 2002, :329-344
[50]   Applying neural network to intrusion detection [J].
Zhou, Rigui .
2007 INTERNATIONAL SYMPOSIUM ON COMPUTER SCIENCE & TECHNOLOGY, PROCEEDINGS, 2007, :273-276