Journal: International Journal of Innovative Computing Information and Control

APPLICATION OF TYPE-2 FUZZY LOGIC TO RULE-BASED INTRUSION ALERT CORRELATION DETECTION


Abstract

An intrusion detection system (IDS) is a security layer that is used to discover ongoing intrusive attacks and anomalous activities in information systems, which usually means working in a dynamically changing environment. Although increasing attention to IDSs is evident in the literature, network security administrators are still faced with the task of analyzing enormous numbers of alerts produced from different event streams. The intrusion detection model therefore needs to be continuously tuned in order to reduce correlative alerts and help the administrator to accurately determine critical attacks. In this work, an alert correlation detection module is proposed to analyze the alerts produced by IDSs, providing a more succinct and comprehensive view of intrusions. An automatically tuned IDS rule-generation module that is based on a type-2 fuzzy logic technique is used to block highly correlative alerts. The experimental results reveal that the proposed model is effective in achieving alert reduction and abstraction.

Bibliographic record

  • Author affiliations

    Department of Computer Science and Information Engineering, National Dong Hwa University, No. 1, Sec. 2, Da Hsueh Rd., Shoufeng, Hualien 97401, Taiwan;

    Department of Computer Science and Information Engineering, National Dong Hwa University, No. 1, Sec. 2, Da Hsueh Rd., Shoufeng, Hualien 97401, Taiwan;

    Department of Electrical Engineering, National Dong Hwa University, No. 1, Sec. 2, Da Hsueh Rd., Shoufeng, Hualien 97401, Taiwan;

    Department of Computer Science and Information Engineering, National Dong Hwa University, No. 1, Sec. 2, Da Hsueh Rd., Shoufeng, Hualien 97401, Taiwan;

    Department of Computer Science and Information Engineering, National Tsing Hua University;

    Institute of Electronics Engineering, National Dong Hwa University, No. 1, Sec. 2, Da Hsueh Rd., Shoufeng, Hualien 97401, Taiwan;

  • Original format: PDF
  • Text language: eng
  • Keywords

    intrusion detection system; intrusion correlation; alert reduction; IDS rule tuning; adaptive tuning;
