Managing alerts in a multi-intrusion detection environment

Cited by: 68
Authors
Cuppens, F [1]
Affiliation
[1] ONERA Toulouse, F-31055 Toulouse, France
Keywords
IDS; IDMEF; DTD; cooperative intrusion detection; alert clustering; alert merging
DOI
10.1109/ACSAC.2001.991518
CLC classification (Chinese Library Classification)
TP [Automation technology, computer technology]
Discipline code
0812
Abstract
There are several approaches to intrusion detection, but none of them is fully satisfactory. They generally generate too many false positives, and the alerts they produce are too elementary and not accurate enough to be managed directly by a security administrator. A promising approach is to develop a cooperation module that analyzes the alerts and generates more global, synthetic alerts. This paper presents the work we did in this context within the MIRADOR project. We suggest specifications for three functions: alert base management, alert clustering and alert merging. The approach is compliant with the IDMEF format currently being defined at the IETF.
Pages: 22 / 31
Page count: 10
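The abstract names three functions (alert base management, clustering, merging) without showing how elementary IDMEF alerts become one synthetic alert. The block below is an added illustration of the clustering-and-merging idea written for this page; it is not code from the paper or the MIRADOR project, which specifies the functions rather than publishing an implementation. Everything concrete in it is an assumption: the similarity rule (same classification, source and target within a 60-second window), the analyzer names `nids-1` and `hids-1`, and the three sample alerts. The element names follow RFC 4765, the published IDMEF, rather than the 2001 IETF draft the paper targets.

```python
# Added example for this page, not code from the paper or MIRADOR.  The
# similarity rule, WINDOW, analyzer names and SAMPLE_IDMEF are constructed
# assumptions; element names follow RFC 4765 (IDMEF as later published),
# and the required ntpstamp attribute on CreateTime is omitted for brevity.
from __future__ import annotations
import xml.etree.ElementTree as ET
from dataclasses import dataclass, field
from datetime import datetime, timedelta

NS = {"idmef": "http://iana.org/idmef"}
WINDOW = timedelta(seconds=60)  # assumed: alerts further apart than this are not merged

# Constructed sample: a1 and a2 are one port scan reported by a network sensor
# and a host sensor; a3 is an unrelated alert that must stay separate.
SAMPLE_IDMEF = """<IDMEF-Message xmlns="http://iana.org/idmef" version="1.0">
  <Alert messageid="a1">
    <Analyzer analyzerid="nids-1"/>
    <CreateTime>2001-01-15T10:00:05Z</CreateTime>
    <Source><Node><Address><address>10.0.0.5</address></Address></Node></Source><Target><Node><Address><address>192.168.1.10</address></Address></Node></Target>
    <Classification text="portscan"/>
  </Alert>
  <Alert messageid="a2">
    <Analyzer analyzerid="hids-1"/>
    <CreateTime>2001-01-15T10:00:20Z</CreateTime>
    <Source><Node><Address><address>10.0.0.5</address></Address></Node></Source><Target><Node><Address><address>192.168.1.10</address></Address></Node></Target>
    <Classification text="portscan"/>
  </Alert>
  <Alert messageid="a3">
    <Analyzer analyzerid="nids-1"/>
    <CreateTime>2001-01-15T10:01:00Z</CreateTime>
    <Source><Node><Address><address>10.0.0.9</address></Address></Node></Source><Target><Node><Address><address>192.168.1.10</address></Address></Node></Target>
    <Classification text="teardrop"/>
  </Alert>
</IDMEF-Message>"""

@dataclass
class Alert:                 # the elementary alert fields the similarity rule needs
    msgid: str
    analyzer: str
    time: datetime
    source: str
    target: str
    classification: str

@dataclass
class MergedAlert:           # the synthetic alert: one cluster plus what it subsumes
    classification: str
    source: str
    target: str
    first_seen: datetime
    last_seen: datetime
    members: list[str] = field(default_factory=list)   # messageids merged in
    analyzers: set[str] = field(default_factory=set)   # sensors that agreed

def _text(elem: ET.Element, path: str) -> str:
    node = elem.find(path, NS)
    return (node.text or "").strip() if node is not None else ""

def parse_idmef(xml_text: str) -> list[Alert]:
    """Pull the correlation fields out of every <Alert> in an IDMEF message."""
    alerts = []
    for a in ET.fromstring(xml_text).findall("idmef:Alert", NS):
        alerts.append(Alert(
            msgid=a.get("messageid", ""),
            analyzer=a.find("idmef:Analyzer", NS).get("analyzerid", ""),
            time=datetime.fromisoformat(_text(a, "idmef:CreateTime").replace("Z", "+00:00")),
            source=_text(a, "idmef:Source/idmef:Node/idmef:Address/idmef:address"),
            target=_text(a, "idmef:Target/idmef:Node/idmef:Address/idmef:address"),
            classification=a.find("idmef:Classification", NS).get("text", ""),
        ))
    return alerts

def similar(cluster: MergedAlert, alert: Alert) -> bool:
    """Assumed similarity rule: same classification, source and target, and the
    new alert arrives within WINDOW of the cluster's latest member."""
    return (cluster.classification == alert.classification
            and cluster.source == alert.source
            and cluster.target == alert.target
            and alert.time - cluster.last_seen <= WINDOW)

def cluster_and_merge(alerts: list[Alert]) -> list[MergedAlert]:
    """Single greedy pass in time order: an alert joins the first cluster it is
    similar to, otherwise opens a new one; the merge is updated as we go."""
    clusters: list[MergedAlert] = []
    for alert in sorted(alerts, key=lambda x: x.time):
        for c in clusters:
            if similar(c, alert):
                c.last_seen = max(c.last_seen, alert.time)
                c.members.append(alert.msgid)
                c.analyzers.add(alert.analyzer)
                break
        else:
            clusters.append(MergedAlert(alert.classification, alert.source, alert.target,
                                        alert.time, alert.time, [alert.msgid], {alert.analyzer}))
    return clusters

if __name__ == "__main__":
    for m in cluster_and_merge(parse_idmef(SAMPLE_IDMEF)):
        print(f"{m.classification} {m.source}->{m.target} {m.first_seen:%H:%M:%S}-{m.last_seen:%H:%M:%S} "
              f"{len(m.members)} alerts from {sorted(m.analyzers)}")
```

Running it on the constructed sample collapses the two port-scan alerts from different sensors into one synthetic alert covering 10:00:05 to 10:00:20 and leaves the teardrop alert alone. The alert base a real cooperation module keeps is the list of `MergedAlert` objects, so later elementary alerts are matched against existing clusters rather than re-clustered from scratch.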