Selective alerts for runtime protection of distributed systems

@inproceedings{Colajanni2008SelectiveAF,
  title={Selective alerts for runtime protection of distributed systems},
  author={Michele Colajanni and Daniele Gozzi and Mirco Marchetti},
  year={2008}
}
Network Intrusion Detection Systems (NIDS) are popular components for a fast detection of network attacks and intrusions, but their efficacy is limited by overwhelming amounts of false alarms that have to be manually managed by system administrators. In order to improve the efficacy of attack detection and reduce the amount of false positives, we propose a novel scheme for runtime alert management. It filters innocuous attacks by taking advantage of the correlation between the NIDS alerts and…
