Aggregating IDS Alerts Based on Time Threshold: Testing and Results
Journal: INTERNATIONAL JOURNAL OF COMPUTERS & TECHNOLOGY (Vol. 11, No. 2)
Publication Date: 2013-12-06
Authors: Homam El-Taj
Pages: 2216-2225
Keywords: Network security; Intrusion Detection System; Redundant Alerts; Alert Aggregation; Alert Correlation
Abstract
Every secure system has the possibility to fail. Therefore, extra effort should be taken to protect these systems. Intrusion Detection Systems (IDSs) have been proposed with the aim of providing extra protection to security systems. These systems trigger thousands of alerts per day, which prompt security analysts to verify each alert for relevance and severity based on an aggregation criterion. Several aggregation methods have been proposed to collect these alerts. This paper presents our threshold aggregation system (TAS). Results show that TAS aggregates IDS alerts accurately based on user demands and a user-chosen threshold value.
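The following is an added illustration of the time-threshold idea the abstract describes, written for this page; it is not the paper's TAS code and the paper's internal details are not on this page. It assumes that alerts are aggregated under a key of (signature, source IP, destination IP), that an alert merges into the open group for its key when its timestamp is within the threshold of that group's most recent alert, and that the threshold is given in seconds; the key fields and the "gap to last alert" rule are assumptions chosen here. The sample alerts are constructed. Lowering the threshold splits a burst into more groups; raising it collapses repeated alerts between the same hosts into a single record with a count, which is the reduction in analyst workload the abstract is about.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta


@dataclass(frozen=True)
class Alert:
    """One raw IDS alert (fields are an assumed minimal subset)."""
    ts: datetime
    signature: str
    src: str
    dst: str


@dataclass
class AggregatedAlert:
    """One aggregated record: the alert key plus time span and count."""
    signature: str
    src: str
    dst: str
    first_seen: datetime
    last_seen: datetime
    count: int = 1


def aggregate_alerts(alerts, threshold_seconds, key_fields=("signature", "src", "dst")):
    """Group alerts sharing a key whose gaps never exceed threshold_seconds.

    The rule applied here (an assumption, not necessarily the paper's): an
    alert joins the currently open group for its key if it arrives within
    threshold_seconds of that group's last alert; otherwise the open group is
    closed and a new one starts. Input order does not matter; alerts are
    sorted by timestamp first.
    """
    window = timedelta(seconds=threshold_seconds)
    open_groups = {}  # key -> AggregatedAlert still accepting merges
    closed = []
    for a in sorted(alerts, key=lambda x: x.ts):
        key = tuple(getattr(a, f) for f in key_fields)
        g = open_groups.get(key)
        if g is not None and a.ts - g.last_seen <= window:
            g.count += 1
            g.last_seen = a.ts
            continue
        if g is not None:
            closed.append(g)  # gap too large: freeze the old group
        open_groups[key] = AggregatedAlert(a.signature, a.src, a.dst, a.ts, a.ts)
    closed.extend(open_groups.values())
    return sorted(closed, key=lambda g: g.first_seen)


# Constructed sample: a port-scan signature fires in two bursts from one host,
# with an unrelated SSH policy alert in between.
_T0 = datetime(2013, 12, 6, 10, 0, 0)
SAMPLE_ALERTS = [
    Alert(_T0 + timedelta(seconds=0), "ET SCAN Nmap", "10.0.0.5", "192.168.1.10"),
    Alert(_T0 + timedelta(seconds=5), "ET SCAN Nmap", "10.0.0.5", "192.168.1.10"),
    Alert(_T0 + timedelta(seconds=12), "ET SCAN Nmap", "10.0.0.5", "192.168.1.10"),
    Alert(_T0 + timedelta(seconds=20), "ET POLICY SSH", "10.0.0.5", "192.168.1.10"),
    Alert(_T0 + timedelta(seconds=100), "ET SCAN Nmap", "10.0.0.5", "192.168.1.10"),
    Alert(_T0 + timedelta(seconds=130), "ET SCAN Nmap", "10.0.0.5", "192.168.1.10"),
]


def summarize(threshold_seconds):
    """Return (group count, per-group counts) for the sample at a threshold."""
    groups = aggregate_alerts(SAMPLE_ALERTS, threshold_seconds)
    return len(groups), [g.count for g in groups]


if __name__ == "__main__":
    for thr in (0, 60, 120):
        n, counts = summarize(thr)
        print(f"threshold={thr:>3}s -> {n} aggregated alerts, counts={counts}")
```

With a 60-second threshold the six raw alerts become three records (the first scan burst, the SSH alert, the second scan burst); at 120 seconds the two bursts merge into one record of five, and at 0 seconds nothing merges. Whatever key and window a deployment picks, the aggregated record should keep first_seen, last_seen and count, since those are what an analyst needs to judge severity without re-reading every duplicate.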