FuzMet: a fuzzy-logic based alert prioritization engine for intrusiondetection systems

Khalid Alsubhi1*† Issam Aib2 and Raouf Boutaba13

首页> 外文期刊>International Journal of Network Management >FuzMet: a fuzzy-logic based alert prioritization engine for intrusiondetection systems

【24h】

FuzMet: a fuzzy-logic based alert prioritization engine for intrusiondetection systems

机译：FuzMet：用于入侵检测系统的基于模糊逻辑的警报优先级排序引擎

获取原文

获取原文并翻译 | 示例

获取外文期刊封面封底 >>

开具论文收录证明 >>

文献代查 >>

页面导航

摘要
著录项
相似文献
相关主题

摘要

Intrusion detection systems (IDSs) are designed to monitor a networked environment and generate alertsnwhenever abnormal activities are detected. The number of these alerts can be very large, making their evaluationnby security analysts a difficult task. Management is complicated by the need to configure the differentncomponents of alert evaluation systems. In addition, IDS alert management techniques, such as clusteringnand correlation, suffer from involving unrelated alerts in their processes and consequently provide resultsnthat are inaccurate and difficult to manage. Thus the tuning of an IDS alert management system in ordernto provide optimal results remains a major challenge, which is further complicated by the large spectrumnof potential attacks the system can be subject to. This paper considers the specification and configurationnissues of FuzMet, a novel IDS alert management system which employs several metrics and a fuzzy-logicnbased approach for scoring and prioritizing alerts. In addition, it features an alert rescoring technique thatnleads to a further reduction in the number of alerts. Comparative results between SNORT scores andnFuzMet alert prioritization onto a real attack dataset are presented, along with a simulation-based investigationnof the optimal configuration of FuzMet. The results prove the enhanced intrusion detection accuracynbrought by our system

机译：入侵检测系统（IDS）旨在监视网络环境并在检测到异常活动时生成警报。这些警报的数量可能非常大，这使得安全分析人员对其进行评估非常困难。由于需要配置警报评估系统的不同组件，因此管理变得复杂。另外，IDS警报管理技术（例如集群和关联）会在其流程中涉及不相关的警报，因此提供的结果不准确且难以管理。因此，为了提供最佳结果而对IDS警报管理系统进行调整仍然是一个主要挑战，由于系统可能遭受的大量潜在攻击而使这一问题更加复杂。本文考虑了FuzMet的规范和配置问题，FuzMet是一种新颖的IDS警报管理系统，该系统采用了多种指标和基于模糊逻辑的方法对警报进行评分和优先级排序。此外，它还具有警报记录技术，可进一步减少警报数量。提出了SNORT分数和nFuzMet警报优先级到实际攻击数据集之间的比较结果，以及基于仿真的FuzMet最佳配置调查。结果证明我们的系统提高了入侵检测精度

著录项

来源
《International Journal of Network Management》 |2012年第4期|p.263-284|共22页
作者
Khalid Alsubhi1*† Issam Aib2 and Raouf Boutaba13;
展开▼
作者单位

1David R. Cheriton School of Computer Science, University of Waterloo, Waterloo, Ontario, Canada2Softray Business Solutions3Division of IT Convergence Engineering, POSTECH, Pohang, KB 790–784, Korea;

展开▼
收录信息美国《工程索引》(EI);
原文格式 PDF
正文语种 eng
中图分类
关键词

相似文献

外文文献
中文文献
专利

1. TRIDSO: Traffi c-based Reasoning IntrusionDetection System using Ontology [J] . Lisa Frye, Liang Cheng, Jeff Hefl in Journal of research and practice in information technology . 2014,第4期

机译：TRIDSO：基于Traffi C的推理入侵使用本体的检测系统
2. Knowledge-based Systems As Decision Support Tools In An Ecosystem Approach To Fisheries: Comparing A Fuzzy-logic And A Rule-based Approach [J] . Astrid Jarre, Barbara Paterson, Coleen L. Moloney, Progress in Oceanography . 2008,第2a4期

机译：基于知识的系统作为渔业生态系统方法中的决策支持工具：比较模糊逻辑和基于规则的方法
3. Physicians' Perceptions on the usefulness of contextual information for prioritizing and presenting alerts in computerized physician order entry systems [J] . Martin Jung, Daniel Riedmann, Werner O Hackl, BMC Medical Informatics and Decision Making . 2012,第1期

机译：医师对上下文信息在计算机医师订单输入系统中确定优先级和呈现警报的有用性的看法
4. Research and Realization of Crisis Alert System based on the Meta-Search Engine [C] . WEI Jiu-chang, ZHA0 Ding-tao International Conference on Public Administration; 20061021-22; Chengdu(CN) . 2006

机译：基于元搜索引擎的危机预警系统的研究与实现
5. Neural-network and fuzzy-logic learning and control of linear and nonlinear dynamic systems. [D] . Liut, Daniel Armando. 1999

机译：线性和非线性动力系统的神经网络和模糊逻辑学习与控制。
6. Physicians Perceptions on the usefulness of contextual information for prioritizing and presenting alerts in computerized physician order entry systems [O] . Martin Jung, Daniel Riedmann, Werner O Hackl, 2012

机译：医师对上下文信息在计算机医师订单输入系统中确定优先级和呈现警报的有用性的看法
7. March 2016 VOLUME 3, ISSUE 3, MARCH 2016 Composite Silicon Solar Cell Efficiency Simulation Study; Sensitivity to the Absorption Coefficients and the Thickness of Intrinsic Absorber Layer V. Tudić, M. Marochini, T. Luke Abstract PDF with Text DOI 10.17148/IARJSET.2016.3301 Molecular Phylogeny of Turbinaria Ornata (Turner) J. Agardh E. Neelamathi and R. Kannan Abstract PDF with Text DOI 10.17148/IARJSET.2016.3302 Human Factors in Aircraft Maintenance Suhas H Begur, Dr J Ashok Babu Abstract PDF with Text DOI 10.17148/IARJSET.2016.3303 Human Factors in Aircraft Maintenance Suhas H Begur, Dr J Ashok Babu Abstract PDF with Text DOI 10.17148/IARJSET.2016.3304 Foliar nutraceutical and antioxidant property of Diospyros lanceifolia Roxb. (Ebenaceae) – An important medicinal plant of Assam, India Dipjyoti Kalita, N. Devi and D. Baishya Abstract PDF with Text DOI 10.17148/IARJSET.2016.3305 Study of Ion Mobility Characteristics and Morphology of some Electrochemically-Synthesised Polypyrroles Danesh Roudini, Peter J. S. Foot Abstract PDF with Text DOI 10.17148/IARJSET.2016.3306 Physico-Chemical Characterization of an Artificial Pond to Control the Eutrophication Process: A Case Study Sameer Al-Asheh, Hani Abu Qdais, Adnan Alquraishi, Osama Husain, Ismail Sadoon Abstract PDF with Text DOI 10.17148/IARJSET.2016.3307 Survey: Recommendation System for Web Portal using Customer Segmentation Neha Badami, Vipul Wakkar, Monica Jain, Devendra Pandit Abstract PDF with Text DOI 10.17148/IARJSET.2016.3308 Web Archiving: Past Present and Future of Evolving Multimedia Legacy Meenakshi Srivastava, Dr. S.K. Singh, Dr. S.Q. Abbas Abstract PDF with Text DOI 10.17148/IARJSET.2016.3309 Labour Contract Management System Kajol Bhutada, Ketaki Kivade, Vishakha Gokhale, Pallavi Bhore, Prof. Shiv Prasad P. Patil Abstract PDF with Text DOI 10.17148/IARJSET.2016.3310 Minimization of Torque Ripple and Multi Quadrant Operation of Direct Torque Control for Three Phase Induction Motor Using Fuzzy Logic Controller P.Ramesh Babu, S. Ramprasath, N.Vijayasarathi Abstract PDF with Text DOI 10.17148/IARJSET.2016.3311 Alert Me: A Real Time Video Surveillance System Implementing IoT D.P Gaikwad, Pooja kumawat, Saurabh Bhalerao, Akhilesh Khalate, Hrishikesh Dongre Abstract PDF with Text DOI 10.17148/IARJSET.2016.3312 Validity, Reliability and Item Analysis of AMAIUB Admission Test Dr. Lina S. Calucag and Dr. Danilo A. Tabalan Abstract PDF with Text DOI 10.17148/IARJSET.2016.3313 Design and Analysis of Track and Hold Circuit for high speed communication Smita D. Waghmare, Dr. U. A. Kshirsagar Abstract PDF with Text DOI 10.17148/IARJSET.2016.3314 Design of Low Power Digitally Operated Voltage Regulator by using CMOS Technology Nikita V. Dhomane, Dr. U. A. Kshirsagar Abstract PDF with Text DOI 10.17148/IARJSET.2016.3315 Automation in Ration Distribution System Rajesh B.Shinde, Prof. A.G. Gaikwad, Prof. Sonali Chincholikar Abstract PDF with Text DOI 10.17148/IARJSET.2016.3316 Use of MnSo4 Sludge as a Partial Replacement for Cement in Concrete Golhar Ankush, Jogdand Mohini, Malvi Ketan, Salunke Swanand, Gorade Swapnil Abstract PDF with Text DOI 10.17148/IARJSET.2016.3317 Ethnobotanical Studies on Medicinal Plant Utilization by the Yanadhi Tribe of Ananthasagaram Mandal, Nellore District, Andhra Pradesh, India K. Sasdhar, P. Brahmajirao and A. Sujith Kumar Abstract PDF with Text DOI 10.17148/IARJSET.2016.3318 Effect of Soil Structure Interaction on the Storey Lateral Displacement of a Multi Storied Building Surya Teja Ch, Sai Kiran T Abstract PDF with Text DOI 10.17148/IARJSET.2016.3319 An Overview of Narcolepsy Touseef Rahman, Omer Farook, Md Belal Bin Heyat, Mohd Maroof Siddiqui Abstract PDF with Text DOI 10.17148/IARJSET.2016.3320 Significance of Air Movement for Thermal Comfort in Educational Buildings, Case Study of a Classroom Geethu Priya, Nagaraju Kaja Abstract PDF with Text DOI 10.17148/IARJSET.2016.3321 A Load Balancing Approach to Minimize the Resource Wastage in Cloud Computing Sachin Soni, Praveen Yadav Abstract PDF with Text DOI 10.17148/IARJSET.2016.3322 Modeling and Simulation of Fluidized Bed Drying of Chickpea S.N. Saha, G.P. Dewangan, R.S. Thakur Abstract PDF with Text DOI 10.17148/IARJSET.2016.3323 Photocatalytic-Ozonation of Textile Dyeing Wastewater using Fixed Catalyst System Rajendiran S, Shriram B, Kanmani S Abstract PDF with Text DOI 10.17148/IARJSET.2016.3324 Mesh less Analysis of Orthotropic Skew Plate under Sinusoidal Line Load Kumari Shipra Suman, Jeeoot Singh Abstract PDF with Text DOI 10.17148/IARJSET.2016.3325 Performance Analysis of 2*2 Dual Frequency Wide Band Circular Patch Antenna Array P. Sai Vinay Kumar, P. Jagadamba, M. N. Giri Prasad Abstract PDF with Text DOI 10.17148/IARJSET.2016.3326 A Multi-Cloud Approach Towards Addressing Security Issues of Cloud: A Survey Kumar M.V, Poornima A. S Abstract PDF with Text DOI 10.17148/IARJSET.2016.3327 Improved Efficiency of Boiler Plant with Different GCV and Carbon Percentage Ishan. P. Bhatt, C.P. Panchal Abstract PDF with Text DOI 10.17148/IARJSET.2016.3328 Industrial Automation using Sensing based Applications for Internet of Things Geetesh Chaudhari, Sudarshan Jadhav, Sandeep Batule, Sandeep Helkar Abstract PDF with Text DOI 10.17148/IARJSET.2016.3329 Assessment of Engineering Students Learning [O] . Hamdia Hmmad Alyazeedi 2016

机译：2016年3月第3卷，第3款，2016年3月复合硅太阳能电池效仿真研究;对吸收系数的敏感性和内在吸收层V.Tudić，M.Marochini，T. Luke摘要 PDF与文本 DOI 10.17148 / IARJSET.2016.3301 Turbinaria ornata（特纳）J. Agardh E. Neelamathi和R. Kannan摘要的分子系统PDF与文本 DOI 10.17148 / IARJSET.2016.3302在飞机维修中的人类因素Suhas H Begur，J Ashok Babu摘要博士 PDF与文本 DOI 10.17148 / IARJSET.2016.3303人类因素在飞机维修SUHAS H Begur，J Ashok Babu摘要摘要 PDF与文本 DOI 10.17148 / IARJSET.2016.3304叶面植物和抗氧化剂的Diospyros Lancefolia Roxb。（eBenaceae） - 印度Assam的重要药用植物Dipjyoti Kalita，N. Devi和D.Baishya摘要 PDF与文本 DOI 10.17148 / IARJSET.2016.3305离子迁移性特性和某些电化学综合的多滤网的形态的研究Danesh Roudini，Peter J. S. Stock PDF与文本 DOI 10.17148 / IARJSET.2016.3306人工池塘的物理化学表征控制富营养化过程：一个案例研究同样的Al-Asheh，Hani Abu Qdais，Adnan Alquraishi，Osama Husain，Ismail Sadoon Abstract PDF与文本 DOI 10.17148 / IARJSET.2016.3307调查显示：Web门户网站推荐系统使用客户细分Neha Badami，vipul Wakkar，Monica Jain，Devendra Pandit摘要 PDF与文本 DOI 10.17148 / IARJSET.2016.3308 Web归档：过去的现状和不断发展的多媒体遗产Meenakshi Srivastava，S.K. Singh，S.Q博士。 ABBAS摘要 PDF与文本 DOI 10.17148 / IARJSET.2016.3309劳动合同管理系统Kajol Bhutada，Ketaki Kivade，Vishakha Gokhalale，Pallavi Bhore，Shiv Prasad P. Putil摘要 PDF与文本 DOI 10.17148 / IARJSET.2016.310使用模糊逻辑控制器P.RAMESH BABU，S.RAMPRASATH，N.Vijayasarath，N.VijayasArathi摘要，最小化扭矩纹波和三相感应电动机直接扭矩控制的多象限操作。 PDF与文本 DOI 10.17148 / IARJSET.2016.3311提醒我：实时视频监控系统实施物联网D.P Gaikwad，Pooja Kumawat，Saurabh Bhalerao，Akhilesh Khalate，Hrishikesh Dongre摘要 PDF与文本 DOI 10.17148 / IARJSET.2016.3312 AMAIB录取测试的有效性，可靠性和物品分析林纳·卡卢格博士和Danilo A. Tabalan摘要 PDF与文本 DOI 10.17148 / IARJSET.2016.3313高速通信轨道和保持电路的设计与分析SMITA D. Waghmare，U. A. Kshirsagar摘要 PDF与文本 DOI 10.17148 / IARJSET.2016.3314使用CMOS Technology Nikita V. Dhomane的低功耗数字操作电压调节器设计，Dhomane，U. A. Kshirsagar摘要 PDF与文本 DOI 10.17148 / IARJSET.2016.3315配给分配系统RAJESH B.Shinde，A.G.GAIKWAD教授，Sonali Chincholikar教授摘要 PDF与文本 DOI 10.17148 / IARJSET.2016.3316使用MNSO4污泥作为水泥的局部替代品在混凝土戈霍尔ankush，Jogdand Mohini，Malvi Ketan，Salunke Swanand，Gorade Swapnil摘要 PDF与文本 DOI 10.17148 / IARJSET.2016.3317 Zhanthasagaram Mandal，Nellore District，Andhra Pradesh，India K. Sasdhar，P. Brahmajiroao和A.苏公爵Kumar摘要PDF与文本 DOI 10.17148 / IARJSET.2016.318土壤结构互动对多层建筑苏里亚TEJA CH，SAI KIRAN T摘要的楼层横向位移PDF与文本 DOI 10.17148 / IARJSET.2016.3311概述NARCHEPSY TOUTEEF RAHMAN，OMER FAROOK，MD BELAL BIN HEYAT，MOHD Maroof Siddiqui摘要 PDF与文本 DOI 10.17148 / IARJSET.2016.330在教育建筑中热舒适性的空气运动的意义，案例研究麦德鲁普里亚，Nagaraju Kaja摘要 PDF与文本 DOI 10.17148 / IARJSET.2016.3321一种负载均衡方法，以最大限度地减少云计算Sachin Soni，前列yadav摘要的资源浪费 PDF与文本 DOI 10.17148 / IARJSET.2016.3322 Chickpea S.N流化床干燥的建模与仿真萨哈，G.P.德湾，R.S. Thakur摘要 PDF与文本 DOI 10.17148 / IARJSET.2016.3323光催化纺织染料废水采用固定催化剂系统Rajendiran S，Shriram B，Kanmani S摘要 PDF与文本 DOI 10.17148 / IARJSET.2016.3324网眼较少分析正弦偏斜板在正弦线载荷kumari shipra suman，jeeoot singh摘要 PDF与文本 DOI 10.17148 / IARJSET.2016.325 2 * 2双频宽带圆形贴片天线阵列P. Sai Vinay Kumar，P.Jagadamba，M. N.Giri Prasad摘要摘要 PDF与文本 DOI 10.17148 / IARJSET.2016.3326一种解决云安全问题的多云方法：Qumar M.V，Poornima A. S Abstract PDF与文本 DOI 10.17148 / IARJSET.2016.3327锅炉厂具有不同GCV和碳百分比的升高效率。 P. Bhatt，C.P. Panchal摘要 PDF与文本 DOI 10.17148 / IARJSET.2016.3328工业自动化使用基于传感的应用程序的东西，Geething Chaudhari，Sudarshan Jadhav，Sandeep Batule，Sandeep Helkar摘要 PDF与文本 DOI 10.17148 / IARJSET.2016.3329工程学生学习的评估
8. Publish/Subscribe Based Architecture of an Alert Server to Support Prioritized and Persistent Alerts [R] . Chakravarthy, S. , Vontela, N. 2003

机译：基于发布/订阅的警报服务器体系结构，以支持优先级和持久性警报

FuzMet: a fuzzy-logic based alert prioritization engine for intrusiondetection systems

摘要

著录项

相似文献

相关主题

期刊订阅