Correlation analysis system using VA data, IDS alerts

Authors
Lee, Jong-Hyouk [1 ]
Chung, Tai-Myung [1 ]
Affiliation
[1] Sungkyunkwan Univ, Dept Comp Engn, Internet Management Technol Lab, Suwon 440746, Gyeonggi, South Korea
Keywords
correlation; vulnerability; IDS;
DOI
Not available
CLC number
T [Industrial technology];
Subject classification
08 ;
Abstract
We propose a novel framework named Correlation Analysis System (CAS) that uses vulnerability assessment data together with IDS alerts. Traditional IDSs focus on low-level attacks or anomalies and raise alerts independently, even though there may be logical connections between them. In situations where there are intensive intrusions, not only will actual alerts be mixed with false alerts, but the number of alerts will also become unmanageable. We propose CAS, using vulnerability assessment data and IDS alerts, to reduce false positives and false negatives. This provides an effective means of lowering the number of false positives and negatives that an administrator has to deal with. It also improves the results of alert correlation systems by cleaning their input data of spurious attacks. We have developed an active verification system based on Snort and Nessus. As the current implementation stands, it is a useful tool for reducing the false alarm rate of Snort.
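The verification step the abstract describes, as an added illustration rather than code from the paper: each Snort-style alert is checked against Nessus-style findings for its target host, so alerts against hosts that do not expose the referenced vulnerability can be separated from the rest. The alert records, finding records and CVE identifiers below are all constructed sample data, and the rule-to-CVE mapping is assumed to be available from the rule's reference field.

```python
# Added example (not from the paper): alert verification against VA data in the
# spirit of CAS. All alerts, findings and CVE ids below are constructed samples.
from collections import Counter

# Constructed Snort-style alerts: rule id, source, destination, destination port,
# and the CVE the rule's reference field points at (None if the rule has none).
ALERTS = [
    {"sid": 1001, "src": "10.0.0.5", "dst": "192.0.2.10", "dport": 80,  "cve": "CVE-0000-0001"},
    {"sid": 1002, "src": "10.0.0.5", "dst": "192.0.2.10", "dport": 443, "cve": "CVE-0000-0002"},
    {"sid": 1003, "src": "10.0.0.7", "dst": "192.0.2.20", "dport": 22,  "cve": "CVE-0000-0003"},
    {"sid": 1004, "src": "10.0.0.7", "dst": "192.0.2.30", "dport": 22,  "cve": "CVE-0000-0003"},
    {"sid": 2001, "src": "10.0.0.9", "dst": "192.0.2.10", "dport": 80,  "cve": None},
]

# Constructed Nessus-style findings: host -> {(port, CVE)}. A host that is present
# with an empty set was scanned and found clean; an absent host was never scanned.
FINDINGS = {
    "192.0.2.10": {(80, "CVE-0000-0001")},
    "192.0.2.20": set(),
}

def classify(alert, findings):
    """Return 'verified', 'unverified' or 'unknown' for a single alert."""
    if alert["cve"] is None:
        return "unknown"        # nothing to check: the rule carries no vulnerability reference
    if alert["dst"] not in findings:
        return "unknown"        # target never scanned, so VA data cannot confirm or refute
    if (alert["dport"], alert["cve"]) in findings[alert["dst"]]:
        return "verified"       # target really exposes the vulnerability the rule targets
    return "unverified"         # target scanned and not vulnerable: likely false positive

def verify_alerts(alerts, findings):
    """Tag every alert with its verification status; return (tagged alerts, counts)."""
    tagged = [dict(a, status=classify(a, findings)) for a in alerts]
    return tagged, Counter(t["status"] for t in tagged)

if __name__ == "__main__":
    tagged, counts = verify_alerts(ALERTS, FINDINGS)
    for t in tagged:
        print(f'sid={t["sid"]} {t["src"]} -> {t["dst"]}:{t["dport"]} {t["status"]}')
    print(dict(counts))  # {'verified': 1, 'unverified': 2, 'unknown': 2}
```

Only 'unverified' alerts are candidates for suppression; 'unknown' alerts must be kept, since missing scan coverage is not evidence that an attack failed.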
Pages: 1600 / 1603
Number of pages: 4