• DocumentCode
    2872057
  • Title

    A Flexible, High Performance Service-Oriented Architecture for Detecting Cyber Attacks

  • Author

    Wynne, Adam ; Gorton, Ian ; Almquist, Justin ; Chatterton, Jack ; Thurman, Dave

  • fYear
    2008
  • fDate
    7-10 Jan. 2008
  • Firstpage
    263
  • Lastpage
    263
  • Abstract
    A high percentage of false positives remains a problem in current network security detection systems. With the growing reliance of industry on computer networks, and the growing variety of attacks that can be directed towards a computer network, it is clear that detection systems must be improved in order to tackle this growing problem. To help minimise the problem of false positives, this paper describes a method and apparatus for security alert analysis that is based on two technologies: (i) event correlation and (ii) a truth maintenance system. This work was undertaken in the context of practical network security management in a large outsourced management service provider in the Asia-Pacific region.
  • Keywords
    Algorithm design and analysis; Australia; Computer network management; Costs; Data security; Information security; Intrusion detection; Logic; Performance analysis; Service oriented architecture;
  • fLanguage
    English
  • Publisher
    IEEE
  • Conference_Titel
    Hawaii International Conference on System Sciences, Proceedings of the 41st Annual
  • Conference_Location
    Waikoloa, HI, USA
  • ISSN
    1530-1605
  • Type

    conf

  • DOI
    10.1109/HICSS.2008.19
  • Filename
    4438968