首页> 外国专利> Method of managing alerts issued by intrusion detection sensors of an information security system

Method of managing alerts issued by intrusion detection sensors of an information security system

机译：管理信息安全系统的入侵检测传感器发出的警报的方法

页面导航

摘要
著录项
相似文献

摘要

A method of managing alerts issued by intrusion detection sensors (11a, 11b, 11c) of an information security system (1) including an alert management system (13), each alert being defined by an alert identifier and an alert content. Each of the alerts issued by the intrusion detection sensors (11a, 11b, 11c) is associated with a description including a conjunction of valued attributes belonging to attribute domains. The valued attributes belonging to each attribute domain are organized into a taxonomic structure defining generalization relationships between said valued attributes, the plurality of attribute domains thus forming a plurality of taxonomic structures. The description of each of said alerts is completed with sets of values induced by the taxonomic structures on the basis of the valued attributes of said alerts to form complete alerts. The complete alerts are stored in a logic file system (21) to enable them to be consulted.

机译：管理由入侵检测传感器（ 11 a， 11 b， 11 <包含警报管理系统（ 13 ）的信息安全系统（ 1 ）的/ B> c ），每个警报由警报定义标识符和警报内容。入侵检测传感器（ 11 a， 11 b， 11 < / B> c ）与描述相关联，该描述包含属于属性域的有价属性的并集。属于每个属性域的有价属性被组织成分类结构，该分类结构定义了所述有价属性之间的概括关系，因此多个属性域形成了多个分类结构。基于所述警报的值属性，利用分类结构导出的一组值来完成对每个所述警报的描述，以形成完整的警报。完整的警报存储在逻辑文件系统（ 21 ）中，以便对其进行查询。 展开▼

著录项

公开/公告号US7810157B2

专利类型

公开/公告日2010-10-05

原文格式PDF

申请/专利权人 BENJAMIN MORIN;HERVÉ DEBAR;
展开▼

申请/专利号US20040583586

发明设计人 HERVÉ DEBAR;BENJAMIN MORIN;
展开▼

申请日2004-12-16

分类号G06F11/00;G08B23/00;H04L29/06;G06F11/30;G06F15/177;

国家 US

入库时间 2022-08-21 18:48:32

相似文献

专利

外文文献

中文文献

1. 警报管理装置、警报管理系统及警报管理方法 [P] . 中国专利： CN112346433A . 2021-02-09

2. 存储介质、警报发出装置及方法 [P] . 中国专利： CN111081062B . 2022.03.01

3. Method of managing alerts issued by intrusion detection sensors of an information security system [P] . 美国专利： US2007150579A1 . 2007-06-28

机译：管理信息安全系统的入侵检测传感器发出的警报的方法

4. Intrusion detection system and method based on kernel module in security gateway system for high-speed intrusion detection on network [P] . 韩国专利： KR100501210B1 . 2005-07-18

机译：安全网关系统中基于内核模块的入侵检测系统和方法，用于网络高速入侵检测

5. Intrusion detection system and method based on kernel module in security gateway system for high-speed intrusion detection on network [P] . 韩国专利： KR20040048466A . 2004-06-10

机译：安全网关系统中基于内核模块的入侵检测系统和方法，用于网络高速入侵检测

1. An Instance-Learning-Based Intrusion-Detection System for Wireless Sensor Networks [J] . Shuai Fu, Xiaoyan Wang, Jie Li 中兴通讯技术（英文版） . 2015,第002期

2. Network Security Alerts Management Architecture for Signature-Based Intrusions Detection Systems within a NAT Environment [J] . Meharouech Sourour, Bouhoula Adel, Abbes Tarek Journal of network and systems management . 2011,第4期

3. Intrusion-Aware Alert Validation Algorithm for Cooperative Distributed Intrusion Detection Schemes of Wireless Sensor Networks [J] . Brian J. d#x02019, Auriol, Hassan Jameel, Sensors . 2009,第8期

4. A real-time alert correlation method based on code-books for intrusion detection systems [J] . Ehsan Mahdavi, Ali Fanian, Fatima Amini Computers & Security . 2020,第Feba期

5. Managing alerts in a multi-intrusion detection environment [C] . Cuppens, F. . 2001

6. A unified alert fusion model for intelligent analysis of sensor data in an intrusion detection environment. [D] . Siraj, Ambareen. 2006

7. Intrusion-Aware Alert Validation Algorithm for Cooperative Distributed Intrusion Detection Schemes of Wireless Sensor Networks [O] . Riaz Ahmed Shaikh, Hassan Jameel, Brian J. d’Auriol, 2009

8. A framework for correlation and aggregation of security alerts in communication networks. A reasoning correlation and aggregation approach to detect multi-stage attack scenarios using elementary alerts generated by Network Intrusion Detection Systems (NIDS) for a global security perspective. [O] . Alserhani Faeiz 2011

9. Characterizing and Managing Intrusion Detection System (IDS) Alerts with Multi-Server/Multi-Priority Queuing Theory. [R] . Olsen, C. C. 2014

1. False Positive Alerts Reduction by Correlating the Intrusion Detection System Alerts： Investigation Study [J] . Homam EI-Taj ,Omar Abouabdalla ,Ahmed Manasrah . 通讯和计算机 . 2010,第003期

2. A Hybrid Intrusion Detection System for Smart Home Security Based on Machine Learning and User Behavior [J] . Faisal Alghayadh ,Debatosh Debnath . 物联网（英文） . 2021,第1期

3. Development of a Platform to Explore Network Intrusion Detection System (NIDS) for Cybersecurity [J] . Chee Keong Chan ,Alexander Weil Tine Yeoh . 电脑和通信（英文） . 2018,第1期

4. Designing an Agent-Based Intrusion Detection System for Heterogeneous Wireless Sensor Networks: Robust, Fault Tolerant and Dynamic Reconfigurable [J] . Hossein Jadidoleslamy . 通讯、网络与系统学国际期刊（英文） . 2011,第8期

5. 一种新的基于分布式入侵检测的警报聚类方法 [C] . 冯光升 ,王慧强 ,武俊鹏 . 第二届中国可信计算与信息安全学术会议 . 2006

6. 入侵检测警报综合分析方法的研究与实现 [A] . 李龙营 . 2014