ResearchBib Share Your Research, Maximize Your Social Impacts
Sign for Notice Everyday Sign up >> Login

Aggregating IDS Alerts Based on Time Threshold: Testing and Results

Journal: INTERNATIONAL JOURNAL OF COMPUTERS & TECHNOLOGY (Vol.11, No. 2)

Publication Date:

Authors : ;

Page : 2216-2225

Keywords : Network security; Intrusion Detection System; Redundant Alerts; Alert Aggregation; Alert Correlation;

Source : Download Find it from : Google Scholarexternal

Abstract

Every secure system has the possibility to fail. Therefore, extra effort should be taken to protect these systems. Intrusion Detection Systems (IDSs) had been proposed with the aim of providing extra protection to security systems. These systems trigger thousands of alerts per day, which prompt security analysts to verify each alert for relevance and severity based on an aggregation criterion. Several aggregation methods have been proposed to collect these alerts. This paper presents our threshold aggregation system (TAS). Results shows that TAS aggregates IDS alerts accurately based on user demands and threshold value.

Last modified: 2016-06-29 18:44:27