首页> 外文会议>WISM 2011;International conference on web information systems and mining >An Alerts Correlation Technology for Large-Scale Network Intrusion Detection

【24h】

An Alerts Correlation Technology for Large-Scale Network Intrusion Detection

机译：大规模网络入侵检测的警报关联技术

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

Intrusion detection is an important security tool. Intrusion detection systems are becoming ubiquitous defenses in today's networks. But some researches showed that the volume of alerts generated from intrusion detection systems can be overwhelming. The alert aggregation and alert correlation capability has the potential to reduce alert volume and improve detection performance. In this paper, an approach of correlating intrusion alerts based on the association rules mining is proposed, which can effectively reduce the repeated alert thereby to reduce the rate of false alarm.

机译：入侵检测是重要的安全工具。入侵检测系统已成为当今网络中普遍存在的防御措施。但是一些研究表明，入侵检测系统生成的警报数量可能是巨大的。警报聚合和警报关联功能具有减少警报量和提高检测性能的潜力。提出了一种基于关联规则挖掘的入侵预警关联方法，可以有效地减少重复预警，从而降低误报率。

著录项

来源
《WISM 2011;International conference on web information systems and mining 》|2011年|p.352-359|共8页
会议地点
作者
Jingbo Yuan; Shunli Ding;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种
中图分类计算机网络 ;
关键词
intrusion detection; alert aggregation; alarm correlation; association rule mining;

机译：入侵检测;警报聚合;报警关联关联规则挖掘;

相似文献

外文文献
中文文献
专利

1. Modeling Network Intrusion Detection Alerts for Correlation [J] . JINGMIN ZHOU, MARK HECKMAN, BRENNEN REYNOLDS, ACM Transaction on Information and System Security . 2007 ,第1期

机译：为相关性建模网络入侵检测警报
2. Intrusion-Aware Alert Validation Algorithm for Cooperative Distributed Intrusion Detection Schemes of Wireless Sensor Networks [J] . Brian J. d#x02019, Auriol, Hassan Jameel, Sensors . 2009 ,第8期

机译：无线传感器网络协同分布式入侵检测方案的入侵感知警报验证算法
3. Discovering Attack Scenarios via Intrusion Alert Correlation Using Graph Convolutional Networks [J] . Cheng Qiumei, Wu Chunming, Zhou Shiying IEEE communications letters . 2021 ,第5期

机译：通过使用图形卷积网络通过入侵警报相关性发现攻击场景
4. An Alerts Correlation Technology for Large-Scale Network Intrusion Detection [C] . Jingbo Yuan, Shunli Ding International Conference on Web Information Systems and Mining . 2011

机译：大规模网络入侵检测警报相关技术
5. Real-time intrusion detection alert correlation. [D] . Valeur, Fredrik. 2006

机译：实时入侵检测警报关联。
6. Intrusion-Aware Alert Validation Algorithm for Cooperative Distributed Intrusion Detection Schemes of Wireless Sensor Networks [O] . Riaz Ahmed Shaikh, Hassan Jameel, Brian J. d’Auriol, 2009

机译：无线传感器网络协同分布式入侵检测方案的入侵感知警报验证算法
7. A framework for correlation and aggregation of security alerts in communication networks. A reasoning correlation and aggregation approach to detect multi-stage attack scenarios using elementary alerts generated by Network Intrusion Detection Systems (NIDS) for a global security perspective. [O] . Alserhani Faeiz 2011

机译：通信网络中安全警报的关联和聚合框架。一种推理相关和聚合方法，可使用网络入侵检测系统（NIDS）生成的基本警报来检测多阶段攻击情形，以实现全球安全性。

An Alerts Correlation Technology for Large-Scale Network Intrusion Detection

摘要

著录项

相似文献

相关主题

期刊订阅