Alert Correlation Algorithms: A Survey and Taxonomy

@inproceedings{Mirheidari2013AlertCA,
  title={Alert Correlation Algorithms: A Survey and Taxonomy},
  author={Seyed Ali Mirheidari and Sajjad Arshad and Rasool Jalili},
  booktitle={CSS},
  year={2013}
}
Alert correlation is a system that receives alerts from heterogeneous Intrusion Detection Systems and reduces false alerts, detects high-level attack patterns, increases the meaning of the incidents that occurred, predicts the future states of attacks, and detects the root cause of attacks. To reach these goals, many algorithms have been introduced, each with its own advantages and disadvantages. In this paper, we try to present a comprehensive survey of already proposed alert correlation…

Citations

Publications citing this paper.
SHOWING 1-10 OF 21 CITATIONS

A hybrid alarm management strategy in signature-based intrusion detection systems


Split-and-Merge: Detecting Unknown Botnets


Shielding IoT against Cyber-Attacks: An Event-Based Approach Using SIEM


Profiling SIEM tools and correlation engines for security analytics


References

Publications referenced by this paper.
SHOWING 1-10 OF 53 REFERENCES

IDS alerts correlation using grammar-based approach
