Instantiated First Order Qualitative Choice Logic for an efficient handling of alerts correlation

Lydia Bouzar-Benlabiod; Salem Benferhat; Thouraya Bouabana-Tebibel

首页> 外文期刊>Intelligent data analysis >Instantiated First Order Qualitative Choice Logic for an efficient handling of alerts correlation

【24h】

Instantiated First Order Qualitative Choice Logic for an efficient handling of alerts correlation

机译：实例化的一阶定性选择逻辑可有效处理警报关联

获取原文

获取原文并翻译 | 示例

开具论文收录证明 >>

页面导航

摘要
著录项
引文网络
相似文献
相关主题

摘要

Intrusion Detection Systems (IDS) are necessary and important tools for monitoring information systems. However they produce a huge quantity of alerts. Alerts correlation is a process that reduces the number of alerts reported by intrusion detection systems. In this paper, we propose a new algorithm for a logical-based alerts correlation approach that integrates: security operator's knowledge and preferences. The representation and the reasoning on these knowledge and preferences are done using a new logic called Instantiated First Order Qualitative Choice Logic (IFO-QCL). Our modeling views an alert as an interpretation which allows us to have an efficient algorithm that performs the correlation process in a polynomial time. This paper also provides experimental results which are achieved on datasets issued from a real monitoring system.

机译：入侵检测系统（IDS）是监视信息系统的必要和重要工具。但是，它们会产生大量警报。警报关联是一个减少入侵检测系统报告的警报数量的过程。在本文中，我们为基于逻辑的警报关联方法提出了一种新算法，该算法集成了：安全操作员的知识和偏好。这些知识和偏好的表示以及推理是使用称为“实例化一阶定性选择逻辑”（IFO-QCL）的新逻辑完成的。我们的建模将警报视为一种解释，这使我们可以拥有一个有效的算法，该算法可以在多项式时间内执行相关过程。本文还提供了从真实监控系统发布的数据集获得的实验结果。

著录项

来源
《Intelligent data analysis》 |2015年第1期|3-27|共25页
作者
Lydia Bouzar-Benlabiod; Salem Benferhat; Thouraya Bouabana-Tebibel;
展开▼
作者单位

LCSI Laboratory, Ecole Nationale Superieure d'Informatique (ESI), Algiers, Algeria;

CRIL-CNRS, Universite d'Artois, Lens, France;

LCSI Laboratory, Ecole Nationale Superieure d'Informatique, Algiers, Algeria;

展开▼
收录信息美国《科学引文索引》(SCI);
原文格式 PDF
正文语种 eng
中图分类
关键词
IDS; alerts correlation; QCL; preferences bases; knowledge bases;

机译：IDS;提醒相关性;QCL;偏好基础;知识库;

相似文献

外文文献
中文文献
专利

1. Two alternatives for handling preferences in qualitative choice logic [J] . Salem Benferhat, Karima Sedki Fuzzy sets and systems . 2008,第15期

机译：定性选择逻辑中处理偏好的两种选择
2. APPLICATION OF TYPE-2 FUZZY LOGIC TO RULE-BASED INTRUSION ALERT CORRELATION DETECTION [J] . Chenn-Jung Huang, Kai-Wen Hu, Heng-Ming Chen, International Journal of Innovative Computing Information and Control . 2012,第4期

机译：2型模糊逻辑在基于规则的入侵警报关联检测中的应用
3. A logic-based model to support alert correlation in intrusion detection [J] . Benjamin Morin, Ludovic Me, Herve Debar, Information Fusion . 2009,第4期

机译：在入侵检测中支持警报关联的基于逻辑的模型
4. A Revised Qualitative Choice Logic for Handling Prioritized Preferences [C] . Salem Benferhat, Karima Sedki European Conference on Symbolic and Quantitative Approaches to Reasoning with Uncertainty(ECSQARU 2007); 20071031-1102; Hammamet(TN) . 2007

机译：经修订的定性选择逻辑，用于处理优先选择
5. The relationship between emotional intelligence competencies and preferred conflict -handling styles: A correlational analysis of selected registered nurses in southern Mississippi [D] . Morrison, Jeanne B. 2005

机译：情商能力与偏好的冲突处理方式之间的关系：密西西比州南部部分注册护士的相关性分析
6. Why Even the Logic of Re-Defined Choice May Still Contradict the Logic of Care in Public Health Systems? [O] . Marianna Fotaki 2004

机译：为什么甚至重新定义的选择逻辑仍可能与公共卫生系统中的护理逻辑相矛盾？
7. Exploiting Correlation Kernels for Efficient Handling of Intra-Die Spatial Correlation, with Application to Statistical Timing [O] . Amith Singhee, Sonia Singhal, Rob A. Rutenbar 2013

机译：利用相关核有效处理晶粒内空间相关性，并将其应用于统计时序

Instantiated First Order Qualitative Choice Logic for an efficient handling of alerts correlation

摘要

著录项

引文网络

相似文献

相关主题

期刊订阅