An Alerts Correlation Technology for Large-Scale Network Intrusion Detection

Cited by: 0
Authors
Yuan, Jingbo [1]
Ding, Shunli [1]
Affiliations
[1] NE Univ Qinhuangdao, Inst Informat Management Technol & Applicat, Qinhuangdao, Peoples R China
Source
Keywords
intrusion detection; alert aggregation; alarm correlation; association rule mining;
DOI
Not available
Chinese Library Classification (CLC) number
TP18 [Artificial intelligence theory];
Subject classification codes
081104 ; 0812 ; 0835 ; 1405 ;
Abstract
Intrusion detection is an important security tool, and intrusion detection systems are becoming ubiquitous defenses in today's networks. However, some research has shown that the volume of alerts generated by intrusion detection systems can be overwhelming. Alert aggregation and alert correlation have the potential to reduce alert volume and improve detection performance. In this paper, an approach to correlating intrusion alerts based on association rule mining is proposed, which can effectively reduce repeated alerts and thereby reduce the false alarm rate.
Pages: 352 / +
Page count: 2
Related papers
50 in total
  • [31] Gravity algorithm for the community detection of large-scale network
    Arasteh, Majid
    Alizadeh, Somayeh
    Lee, Chi-Guhn
    JOURNAL OF AMBIENT INTELLIGENCE AND HUMANIZED COMPUTING, 2021, 14 (2) : 1217 - 1228
  • [32] Research of large-scale network-based adaptive intrusion response model
    Guo, Dai-Fei
    Yang, Yi-Xian
    Hu, Zheng-Ming
    Beijing Youdian Daxue Xuebao/Journal of Beijing University of Posts and Telecommunications, 2004, 27 (01) : 79 - 83
  • [33] Ranking intrusion likelihoods with exploitability of network vulnerabilities in a large-scale attack model
    Hewett, Rattikorn
    Kijsanayothin, Phongphun
    International Journal of Network Security, 2015, 17 (04) : 383 - 394
  • [34] Stability detection method of large-scale network information transmission based on digital twin technology
    Lin, Xiao
    Du, Jian
    Gao, Wenjun
    Zhou, Aobo
    International Journal of Reasoning-based Intelligent Systems, 2024, 16 (04) : 313 - 322
  • [35] Adaptive Intrusion Detection in the Networking of Large-Scale LANs with Segmented Federated Learning
    Sun Y.
    Esaki H.
    Ochiai H.
    IEEE Open Journal of the Communications Society, 2021, 2 : 102 - 112
  • [36] A game theoretic model for dynamic configuration of large-scale intrusion detection signatures
    Xaiver Jerald Punithan
    Jong-Deok Kim
    Dongseok Kim
    Yoon-Ho Choi
    Multimedia Tools and Applications, 2016, 75 : 15461 - 15477
  • [37] A game theoretic model for dynamic configuration of large-scale intrusion detection signatures
    Punithan, Xaiver Jerald
    Kim, Jong-Deok
    Kim, Dongseok
    Choi, Yoon-Ho
    MULTIMEDIA TOOLS AND APPLICATIONS, 2016, 75 (23) : 15461 - 15477
  • [38] Towards Understanding Alerts raised by Unsupervised Network Intrusion Detection Systems
    Lanvin, Maxime
    Gimenez, Pierre-Francois
    Han, Yufei
    Majorczyk, Frederic
    Me, Ludovic
    Totel, Eric
    PROCEEDINGS OF THE 26TH INTERNATIONAL SYMPOSIUM ON RESEARCH IN ATTACKS, INTRUSIONS AND DEFENSES, RAID 2023, 2023 : 135 - 150
  • [39] MICRODATA FILE MERGING THROUGH LARGE-SCALE NETWORK TECHNOLOGY
    BARR, RS
    TURNER, JS
    MATHEMATICAL PROGRAMMING STUDY, 1981, 15 (MAY) : 1 - 22
  • [40] Large-Scale Correlation Screening
    Hero, Alfred
    Rajaratnam, Bala
    JOURNAL OF THE AMERICAN STATISTICAL ASSOCIATION, 2011, 106 (496) : 1540 - 1552