DocumentCode :
2453233
Title :
Multi-Violation Detectors: An algebraic tool for Alert Correlation and Intrusion Detection
Author :
Meddeb-Makhlouf, Amel ; Boudriga, Noureddine
Author_Institution :
CN&S Res. Lab., Univ. of 7th of November at Carthage
Volume :
2
fYear :
0
fDate :
0-0 0
Firstpage :
3181
Lastpage :
3186
Abstract :
To enhance the traditional techniques of detecting distributed attacks, an algebraic tool for correlating alerts is proposed in this paper. It is mainly based on a new concept called multi-violation detectors (MvD). While MvDs allow event and alert correlation, they can be mathematically managed, constructed, and learned. The proposed method is validated at the end of the paper based on a case study.
Keywords :
algebra; distributed processing; security of data; alert correlation; algebra; detection learning; distributed attacks; event correlation; intrusion detection system; multiviolation detectors; Computer architecture; Computer crime; Computer networks; Condition monitoring; Detectors; Event detection; Intrusion detection; Multilayer perceptrons; Neural networks; Sensor phenomena and characterization; Correlation; Intrusion detection system; Multi-violation detectors; detection learning;
fLanguage :
English
Publisher :
IEEE
Conference_Titel :
Information and Communication Technologies, 2006. ICTTA '06. 2nd
Conference_Location :
Damascus
Print_ISBN :
0-7803-9521-2
Type :
conf
DOI :
10.1109/ICTTA.2006.1684925
Filename :
1684925