Sciweavers

IJNSEC
2006
132views more  IJNSEC 2006»
14 years 17 days ago
Alert Correlation for Extracting Attack Strategies
Alert correlation is an important technique for managing large the volume of intrusion alerts that are raised by heterogenous Intrusion Detection Systems (IDSs). The recent trend ...
Bin Zhu, Ali A. Ghorbani
CN
2007
91views more  CN 2007»
14 years 17 days ago
Improving the quality of alerts and predicting intruder's next goal with Hidden Colored Petri-Net
Intrusion detection systems (IDS) often provide poor quality alerts, which are insufficient to support rapid identification of ongoing attacks or predict an intruder’s next lik...
Dong Yu, Deborah A. Frincke
CORR
2010
Springer
110views Education» more  CORR 2010»
14 years 20 days ago
Real-Time Alert Correlation with Type Graphs
The premise of automated alert correlation is to accept that false alerts from a low level intrusion detection system are inevitable and use attack models to explain the output in ...
Gianni Tedesco, Uwe Aickelin
ACSAC
2004
IEEE
14 years 4 months ago
Attack Plan Recognition and Prediction Using Causal Networks
Correlating and analyzing security alerts is a critical and challenging task in security management. Recently, some techniques have been proposed for security alert correlation. H...
Xinzhou Qin, Wenke Lee
RAID
2001
Springer
14 years 5 months ago
Probabilistic Alert Correlation
With the growing deployment of host and network intrusion detection systems, managing reports from these systems becomes critically important. We present a probabilistic approach t...
Alfonso Valdes, Keith Skinner
ACMSE
2005
ACM
14 years 6 months ago
Alert confidence fusion in intrusion detection systems with extended Dempster-Shafer theory
Accurate identification of misuse is a key factor in determining appropriate ways to protect systems. Modern intrusion detection systems often use alerts from different sources su...
Dong Yu, Deborah A. Frincke
ACSAC
2005
IEEE
14 years 6 months ago
Privacy-Preserving Alert Correlation: A Concept Hierarchy Based Approach
With the increasing security threats from infrastructure attacks such as worms and distributed denial of service attacks, it is clear that the cooperation among different organiza...
Dingbang Xu, Peng Ning
AI
2008
Springer
14 years 7 months ago
Using Unsupervised Learning for Network Alert Correlation
Alert correlation systems are post-processing modules that enable intrusion analysts to find important alerts and filter false positives efficiently from the output of Intrusion...
Reuben Smith, Nathalie Japkowicz, Maxwell Dondo, P...