Title :
New correlation method for an efficient intrusion detection system
Author :
Meddeb-Makhlouf, Amel ; Guemara-Elfatmi, Sihem ; Barrah, Sihem
Author_Institution :
Univ. of 7th of November, Carthage
Abstract :
This paper presents a new approach for the design of a correlation process to be used by intrusion detection systems to detect distributed attacks. The goal of this approach is to add more efficiency to the traditional correlation methods by considering two additional paradigms: similarity and distance approximation. It helps reduce the detection time and permits the security system to attempt to detect unknown attacks, in addition to the set of attacks predefined in ad hoc libraries.
Keywords :
approximation theory; correlation methods; security of data; ad hoc libraries; correlation method; distance approximation; distributed attacks; intrusion detection system; similarity paradigm; Communication networks; Communication system security; Computer networks; Computer security; Correlation; Data security; Intrusion detection; Libraries;
Conference_Title :
Electronics, Circuits and Systems, 2005. ICECS 2005. 12th IEEE International Conference on
Conference_Location :
Gammarth
Print_ISBN :
978-9972-61-100-1
Electronic_ISBN :
978-9972-61-100-1
DOI :
10.1109/ICECS.2005.4633483