Title :
Structuring a Multi-violation Detectors Database for an Efficient Intrusion Detection
Author :
Meddeb-Makhlouf, Amel ; Hamdi, Mohamed ; Boudriga, Noureddine
Author_Institution :
Commun. Network & Security Res. Lab., Carthage
Abstract :
This paper proposes to manage data structures manipulated by the proposed correlation function based on a new concept called multi-violation detectors (MvD). The MvD-based correlation function manipulates events based on metrics that evaluate them. The detection and the correlation processes are managed using an MLP (multi-layer perceptron)-like network architecture. The manipulated data structures in the MLP-like network mainly include attacks, metrics and MvD values. To add more efficiency to the implemented processes, these values are managed through a structured database where an SQL-like language for MvD retrieval is introduced. The proposed approach is based on a relational calculus. Therefore, its completeness is mathematically proved.
Keywords :
SQL; data structures; database management systems; multilayer perceptrons; relational algebra; security of data; MvD retrieval; SQL-like language; correlation function; data structure; intrusion detection; multilayer perceptron; multiviolation detectors database; network architecture; relational calculus; structured database management; Calculus; Communication networks; Computer network management; Data engineering; Data security; Data structures; Detectors; Intrusion detection; Protection; Relational databases;
Conference_Title :
Computer Systems and Applications, 2007. AICCSA '07. IEEE/ACS International Conference on
Conference_Location :
Amman
Print_ISBN :
1-4244-1030-4
Electronic_ISBN :
1-4244-1031-2
DOI :
10.1109/AICCSA.2007.370728