Sciweavers

SP
2002
IEEE
170views Security Privacy» more  SP 2002»
13 years 10 months ago
Alert Correlation in a Cooperative Intrusion Detection Framework
This paper presents the work we have done within the MIRADOR project to design CRIM, a cooperative module for intrusion detection systems (IDS). This module implements functions t...
Frédéric Cuppens, Alexandre Mi&egrav...
IJNSEC
2007
107views more  IJNSEC 2007»
13 years 10 months ago
A Rule-based Temporal Alert Correlation System
This paper reports a research work to address the problem of the large number of alerts generated by the detectors in an intrusion detection system. Some of these alerts are redun...
Peyman Kabiri, Ali A. Ghorbani
IJNSEC
2006
132views more  IJNSEC 2006»
13 years 11 months ago
Alert Correlation for Extracting Attack Strategies
Alert correlation is an important technique for managing large the volume of intrusion alerts that are raised by heterogenous Intrusion Detection Systems (IDSs). The recent trend ...
Bin Zhu, Ali A. Ghorbani
CN
2007
91views more  CN 2007»
13 years 11 months ago
Improving the quality of alerts and predicting intruder's next goal with Hidden Colored Petri-Net
Intrusion detection systems (IDS) often provide poor quality alerts, which are insufficient to support rapid identification of ongoing attacks or predict an intruder’s next lik...
Dong Yu, Deborah A. Frincke
COMCOM
2006
88views more  COMCOM 2006»
13 years 11 months ago
Using attack graphs for correlating, hypothesizing, and predicting intrusion alerts
To defend against multi-step intrusions in high-speed networks, efficient algorithms are needed to correlate isolated alerts into attack scenarios. Existing correlation methods us...
Lingyu Wang, Anyi Liu, Sushil Jajodia
CASCON
2007
104views Education» more  CASCON 2007»
14 years 10 days ago
Identifying fault-prone files using static analysis alerts through singular value decomposition
Static analysis tools tend to generate more alerts than a development team can reasonably examine without some form of guidance. In this paper, we propose a technique for leveragi...
Mark Sherriff, Sarah Smith Heckman, Mike Lake, Lau...
ACSAC
2004
IEEE
14 years 2 months ago
Alert Correlation through Triggering Events and Common Resources
Complementary security systems are widely deployed in networks to protect digital assets. Alert correlation is essential to understanding the security threats and taking appropria...
Dingbang Xu, Peng Ning
CNSR
2008
IEEE
169views Communications» more  CNSR 2008»
14 years 5 months ago
Critical Episode Mining in Intrusion Detection Alerts
One of the most important steps in attack detection using Intrusion Detection Systems (IDSs) is dealing with huge number of alerts that can be either critical single alerts and mu...
Mahboobeh Soleimani, Ali A. Ghorbani
ICAC
2009
IEEE
14 years 5 months ago
Ranking the importance of alerts for problem determination in large computer systems
The complexity of large computer systems has raised unprecedented challenges for system management. In practice, operators often collect large volume of monitoring data from system...
Guofei Jiang, Haifeng Chen, Kenji Yoshihira, Akhil...