An Alerts Correlation Technology for Large-Scale Network Intrusion Detection

Cited by: 0
Authors
Yuan, Jingbo [1 ]
Ding, Shunli [1 ]
Affiliations
[1] NE Univ Qinhuangdao, Inst Informat Management Technol & Applicat, Qinhuangdao, Peoples R China
Source
Keywords
intrusion detection; alert aggregation; alarm correlation; association rule mining;
DOI
Not available
Chinese Library Classification (CLC)
TP18 [Artificial intelligence theory];
Discipline classification codes
081104 ; 0812 ; 0835 ; 1405 ;
Abstract
Intrusion detection is an important security tool, and intrusion detection systems are becoming ubiquitous defenses in today's networks. However, studies have shown that the volume of alerts generated by intrusion detection systems can be overwhelming. Alert aggregation and alert correlation have the potential to reduce alert volume and improve detection performance. In this paper, an approach to correlating intrusion alerts based on association rule mining is proposed; it effectively reduces repeated alerts and thereby lowers the false alarm rate.
Pages: 352 / +
Page count: 2
Related papers
50 in total
  • [41] AIDA Framework: Real-Time Correlation and Prediction of Intrusion Detection Alerts
    Husak, Martin
    Kaspar, Jaroslav
    14TH INTERNATIONAL CONFERENCE ON AVAILABILITY, RELIABILITY AND SECURITY (ARES 2019), 2019,
  • [42] Fast, large-scale string match for a 10Gbps FPGA-based network Intrusion Detection System
    Sourdis, I
    Pnevmatikatos, D
    FIELD-PROGRAMMABLE LOGIC AND APPLICATIONS, PROCEEDINGS, 2003, 2778 : 880 - 889
  • [43] Large-Scale and Robust Intrusion Detection Model Combining Improved Deep Belief Network With Feature-Weighted SVM
    Wu, Yukun
    Lee, Wei William
    Xu, Zhicheng
    Ni, Minya
    IEEE ACCESS, 2020, 8 (08): : 98600 - 98611
  • [44] Preprocessor of Intrusion Alerts Correlation Based on Ontology
    Li, Wan
    Tian, Shengfeng
    2009 WRI INTERNATIONAL CONFERENCE ON COMMUNICATIONS AND MOBILE COMPUTING: CMC 2009, VOL 3, 2009, : 460 - +
  • [45] Analyzing intensive intrusion alerts via correlation
    Ning, P
    Cui, Y
    Reeves, DS
    RECENT ADVANCES IN INTRUSION DETECTION, PROCEEDINGS, 2002, 2516 : 74 - 94
  • [46] A WS-based infrastructure for integrating intrusion detection systems in large-scale environments
    Brandao, Jose Eduardo M. S.
    Fraga, Joni da Silva
    Mafra, Paulo Manoel
    Obelheiro, Rafael R.
    ON THE MOVE TO MEANINGFUL INTERNET SYSTEMS 2006: COOPIS, DOA, GADA, AND ODBAS, PT 1, PROCEEDINGS, 2006, 4275 : 462 - 479
  • [47] A Decision Support System for Placement of Intrusion Detection and Prevention Devices in Large-Scale Networks
    Puzis, Rami
    Tubi, Meytal
    Elovici, Yuval
    Glezer, Chanan
    Dolev, Shlomi
    ACM TRANSACTIONS ON MODELING AND COMPUTER SIMULATION, 2011, 22 (01):
  • [48] Ruling the Rules: Quantifying the Evolution of Rulesets, Alerts and Incidents in Network Intrusion Detection
    Vermeer, Mathew
    van Eeten, Michel
    Ganan, Carlos
    ASIA CCS'22: PROCEEDINGS OF THE 2022 ACM ASIA CONFERENCE ON COMPUTER AND COMMUNICATIONS SECURITY, 2022, : 799 - 813
  • [49] Correlating intrusion detection alerts on bot malware infections using neural network
    Kidmose, Egon
    Stevanovic, Matija
    Pedersen, Jens Myrup
    2016 INTERNATIONAL CONFERENCE ON CYBER SECURITY AND PROTECTION OF DIGITAL SERVICES (CYBER SECURITY), 2016,
  • [50] Train rescheduling for large-scale disruptions in a large-scale railway network
    Zhang, Chuntian
    Gao, Yuan
    Cacchiani, Valentina
    Yang, Lixing
    Gao, Ziyou
    TRANSPORTATION RESEARCH PART B-METHODOLOGICAL, 2023, 174