An Alerts Correlation Technology for Large-Scale Network Intrusion Detection

Cited by: 0
Authors
Yuan, Jingbo [1 ]
Ding, Shunli [1 ]
Affiliation
[1] NE Univ Qinhuangdao, Inst Informat Management Technol & Applicat, Qinhuangdao, Peoples R China
Source
WEB INFORMATION SYSTEMS AND MINING, PT I | 2011 / Vol. 6987
Keywords
intrusion detection; alert aggregation; alarm correlation; association rule mining;
DOI
Not available
Chinese Library Classification number
TP18 [Artificial intelligence theory];
Discipline classification code
081104 ; 0812 ; 0835 ; 1405 ;
Abstract
Intrusion detection is an important security tool. Intrusion detection systems are becoming ubiquitous defenses in today's networks. But some research has shown that the volume of alerts generated by intrusion detection systems can be overwhelming. Alert aggregation and alert correlation have the potential to reduce alert volume and improve detection performance. In this paper, an approach to correlating intrusion alerts based on association rule mining is proposed, which can effectively reduce repeated alerts and thereby reduce the false alarm rate.
Pages: 352 / +
Page count: 2
Related papers
50 in total
  • [21] Fuzzy generalized Hebbian algorithm for large-scale intrusion detection system
    Ali, Ahmed Hussein
    Aljanabi, Mohammad
    Ahmed, Munef Abdullah
    INTERNATIONAL JOURNAL OF INTEGRATED ENGINEERING, 2020, 12 (01): : 81 - 90
  • [22] Network control technology for large-scale container clusters
    Wang B.
    Zhang W.
    Deng W.
    Guofang Keji Daxue Xuebao/Journal of National University of Defense Technology, 2019, 41 (01): : 142 - 151
  • [23] PRISM: A Hierarchical Intrusion Detection Architecture for Large-Scale Cyber Networks
    Javed Y.
    Khayat M.A.
    Elghariani A.A.
    Ghafoor A.
    IEEE Transactions on Dependable and Secure Computing, 2023, 20 (06) : 5070 - 5086
  • [24] A new intrusion detection and alarm correlation technology based on neural network
    Liu, Yansong
    Zhu, Li
    EURASIP JOURNAL ON WIRELESS COMMUNICATIONS AND NETWORKING, 2019, 2019 (1)
  • [25] A new intrusion detection and alarm correlation technology based on neural network
    Yansong Liu
    Li Zhu
    EURASIP Journal on Wireless Communications and Networking, 2019
  • [26] Real-time analysis of intrusion detection alerts via correlation
    Lee, Soojin
    Chung, Byungchun
    Kim, Heeyoul
    Lee, Yunho
    Park, Chanil
    Yoon, Hyunsoo
    COMPUTERS & SECURITY, 2006, 25 (03) : 169 - 183
  • [27] A Rough Set Based Alerts Aggregation and Correlation Model for Intrusion Detection
    Zhou, Lin
    Wang, Chunping
    Jiang, Feng
    2012 THIRD INTERNATIONAL CONFERENCE ON TELECOMMUNICATION AND INFORMATION (TEIN 2012), 2012, : 27 - 33
  • [28] A real-time network intrusion detection system for large-scale attacks based on an incremental mining approach
    Su, Ming-Yang
    Yu, Gwo-Jong
    Lin, Chun-Yuen
    COMPUTERS & SECURITY, 2009, 28 (05) : 301 - 309
  • [29] Crowdsourcing based large-scale network anomaly detection
    Li, Yang
    Huang, Wenguang
    Tian, Xiaohua
    2018 10TH INTERNATIONAL CONFERENCE ON WIRELESS COMMUNICATIONS AND SIGNAL PROCESSING (WCSP), 2018,
  • [30] Gravity algorithm for the community detection of large-scale network
    Majid Arasteh
    Somayeh Alizadeh
    Chi-Guhn Lee
    Journal of Ambient Intelligence and Humanized Computing, 2023, 14 : 1217 - 1228