IJNSEC
2006
13 years 11 months ago
2006
Alert correlation is an important technique for managing large the volume of intrusion alerts that are raised by heterogenous Intrusion Detection Systems (IDSs). The recent trend ...
CN
2007
13 years 11 months ago
2007
Intrusion detection systems (IDS) often provide poor quality alerts, which are insufficient to support rapid identification of ongoing attacks or predict an intruder’s next lik...
CORR
2010
Springer
13 years 11 months ago
2010
Springer
The premise of automated alert correlation is to accept that false alerts from a low level intrusion detection system are inevitable and use attack models to explain the output in ...
ACSAC
2004
IEEE
14 years 3 months ago
2004
IEEE
Correlating and analyzing security alerts is a critical and challenging task in security management. Recently, some techniques have been proposed for security alert correlation. H...
RAID
2001
Springer
14 years 4 months ago
2001
Springer
With the growing deployment of host and network intrusion detection systems, managing reports from these systems becomes critically important. We present a probabilistic approach t...
ACMSE
2005
ACM
14 years 5 months ago
2005
ACM
Accurate identification of misuse is a key factor in determining appropriate ways to protect systems. Modern intrusion detection systems often use alerts from different sources su...
ACSAC
2005
IEEE
14 years 5 months ago
2005
IEEE
With the increasing security threats from infrastructure attacks such as worms and distributed denial of service attacks, it is clear that the cooperation among different organiza...
AI
2008
Springer
14 years 5 months ago
2008
Springer
Alert correlation systems are post-processing modules that enable intrusion analysts to find important alerts and filter false positives efficiently from the output of Intrusion...