Intrusion Alert Correlation Technique Analysis for Heterogeneous Log

@inproceedings{Yusof2008IntrusionAC,
  title={Intrusion Alert Correlation Technique Analysis for Heterogeneous Log},
  author={Robiah Yusof and Siti Rahayu Selamat and Shahrin bin Sahib},
  year={2008}
}
Summary: Intrusion alert correlation is a multi-step process that receives alerts from heterogeneous log resources as input and produces a high-level description of the malicious activity on the network. The objective of this study is to analyse current alert correlation techniques and identify the significant criteria in each technique that can improve on Intrusion Detection System (IDS) problems such as proneness to alert flooding, contextual problems, false alerts and scalability. The existing…

Citations

Publications citing this paper.
SHOWING 1-10 OF 31 CITATIONS

Automated Technique for Debugging Network Intrusion Detection Systems

  • 2010 International Conference on Intelligent Systems, Modelling and Simulation
  • 2010

A New Generic Taxonomy on Hybrid Malware Detection Technique

  • ArXiv
  • 2009

Critical analyses of alerts swamping and intrusion redundancy

  • 2009 International Conference for Internet Technology and Secured Transactions, (ICITST)
  • 2009

An innovative framework for collaborative intrusion alert correlation

  • 2014 Science and Information Conference
  • 2014

References

Publications referenced by this paper.
SHOWING 1-10 OF 13 REFERENCES

Event Data Exchange and Intrusion Alert Correlation in Heterogeneous Networks. 8th Colloquium for Information Systems Security Education

A. Hattala, C. Sars, R. Addams, T. Virtanen
  • 2004

Statistical Causality of INFOSEC Alert Data

X. Qin, W. Le
  • Proceedings of Recent Advances in Intrusion Detection
  • 2003

Aggregation and Correlation of Intrusion-Detection Alerts

  • Recent Advances in Intrusion Detection
  • 2001

Alert correlation in a cooperative intrusion detection framework

  • Proceedings 2002 IEEE Symposium on Security and Privacy
  • 2002

Constructing attack scenarios through correlation of intrusion alerts

  • ACM Conference on Computer and Communications Security
  • 2002