Alarm Clustering for Intrusion Detection Systems in Computer Networks

机译：计算机网络中入侵检测系统的警报群集

获取原文

获取原文并翻译 | 示例

页面导航

摘要
著录项
引文网络
相似文献
相关主题

摘要

Until recently, network administrators manually arranged alarms produced by Intrusion Detection Systems (IDSs) to attain a high-level description of threats. As the number of alarms is increasingly growing, automatic tools for alarm clustering have been proposed to provide such a high level description of the attack scenario. In addition, it has been shown that effective threat analysis require the fusion of different sources of information, such as different IDSs, firewall logs, etc. In this paper, we propose a new strategy to perform alarm clustering which produces unified descriptions of attacks from multiple alarms. Tests have been performed on a live network where commercial and open-source IDSs analyzed network traffic.

机译：直到最近，网络管理员还手动安排了入侵检测系统（IDS）生成的警报，以对威胁进行高级描述。随着警报数量的不断增长，已经提出了用于警报群集的自动工具来提供对攻击场景的如此高级描述。此外，已经表明，有效的威胁分析需要融合不同信息源，例如不同的IDS，防火墙日志等。在本文中，我们提出了一种执行警报聚类的新策略，该聚类可以对来自以下位置的攻击进行统一描述多个警报。测试是在实时网络上进行的，在该网络上，商业和开源IDS分析了网络流量。

著录项

来源
《International Conference on Machine Learning and Data Mining in Pattern Recognition(MLDM 2005); 20050709-11; Leipzig(DE)》|2005年|P.184-193|共10页
会议地点 Leipzig(DE)
作者
Giorgio Giacinto; Roberto Perdisci; Fabio Roli;
展开▼
作者单位

Department of Electrical and Electronic Engineering, University of Cagliari, Piazza D Armi - 09123 Cagliari, Italy;

展开▼
会议组织
原文格式 PDF
正文语种 eng
中图分类计算机的应用;
关键词
computer security; intrusion detection; clustering;

机译：计算机安全;入侵检测;集群;

相似文献

外文文献
中文文献
专利

1. Alarm clustering for intrusion detection systems in computer networks [J] . Roberto Perdisci, Giorgio Giacinto, Fabio Roli Engineering Applications of Artificial Intelligence . 2006,第4期

机译：计算机网络中入侵检测系统的警报群集
2. A nature-inspired approach to speed up optimum-path forest clustering and its application to intrusion detection in computer networks [J] . Costa Kelton A. P., Pereira Luis A. M., Nakamura Rodrigo Y. M., Information Sciences: An International Journal . 2015,第Null期

机译：以自然为灵感的方法来加速最佳路径森林聚类，并将其应用于计算机网络中的入侵检测
3. The multi-demeanor fusion based robust intrusion detection system for anomaly and misuse detection in computer networks [J] . Gupta Akshay Rameshbhai, Agrawal Jitendra Journal of ambient intelligence and humanized computing . 2021,第1期

机译：基于多风度融合的计算机网络中的异常和滥用检测的多风度融合
4. Alarm Clustering for Intrusion Detection Systems in Computer Networks [C] . Giorgio Giacinto, Roberto Perdisci, Fabio Roll International Conference on Machine Learning and Data Mining in Pattern Recognition(MLDM 2005) . 2005

机译：用于计算机网络中入侵检测系统的报警聚类
5. On optimizing traffic distribution for clusters of network intrusion detection and prevention systems. [D] . Le, Anh. 2008

机译：关于优化网络入侵检测和防御系统集群的流量分配。
6. An Intrusion Detection System Based on Multi-Level Clustering for Hierarchical Wireless Sensor Networks [O] . Ismail Butun, In-Ho Ra, Ravi Sankar 2015

机译：基于多层聚类的分层无线传感器网络入侵检测系统
7. Alarm clustering for intrusion detection systems in computer networks [O] . Roberto Perdisci, Giorgio Giacinto, Fabio Roli 2006

机译：用于计算机网络中入侵检测系统的报警聚类

Alarm Clustering for Intrusion Detection Systems in Computer Networks

摘要

著录项

引文网络

相似文献

相关主题

期刊订阅