Processing intrusion detection alert aggregates with time series modeling

@article{Viinikka2009ProcessingID,
  title={Processing intrusion detection alert aggregates with time series modeling},
  author={Jouni Viinikka and Herv{\'e} Debar and Ludovic M{\'e} and Anssi Lehikoinen and Mika P. Tarvainen},
  journal={Information Fusion},
  year={2009},
  volume={10},
  pages={312-324}
}
The main use of intrusion detection systems (IDS) is to detect attacks against information systems and networks. Normal use of the network and its functioning can also be monitored with an IDS. It can be used to control, for example, the use of management and signaling protocols, or the network traffic related to some less critical aspects of system policies. These complementary usages can generate large numbers of alerts, but still, in operational environment, the collection of such data may…
This paper has 71 citations.

Citations

Publications citing this paper.

Network IDS alert classification with frequent itemset mining and data clustering

2010 International Conference on Network and Service Management • 2010

Semantic Scholar estimates that this publication has 72 citations based on the available data.

References

Publications referenced by this paper.

Intrusion detection alert flow processing using time series analysis methods

J. Viinikka
Ph.D. thesis, University of Caen, Caen, France • 2006

Estimation methods for nonstationary biosignals

M. Tarvainen
Ph.D. thesis, Department of Applied Physics, University of Kuopio, Kuopio, Finland • 2004

Traffic matrix tracking using Kalman filters

SIGMETRICS Performance Evaluation Review • 2005