• DocumentCode
    2453233
  • Title
    Multi-Violation Detectors: An algebraic tool for Alert Correlation and Intrusion Detection
  • Author
    Meddeb-Makhlouf, Amel ; Boudriga, Noureddine
  • Author_Institution
    CN&S Res. Lab., Univ. of 7th of November at Carthage
  • Volume
    2
  • fYear
    0
  • fDate
    0-0 0
  • Firstpage
    3181
  • Lastpage
    3186
  • Abstract
    To enhance the traditional techniques of detecting distributed attacks, an algebraic tool for correlating alerts is proposed in this paper. It is mainly based on a new concept called multi-violation detectors (MvD). While MvDs allow event and alert correlation, they can also be mathematically managed, constructed, and learned. The proposed method is validated at the end of the paper based on a case study.
  • Keywords
    algebra; distributed processing; security of data; alert correlation; algebra; detection learning; distributed attacks; event correlation; intrusion detection system; multiviolation detectors; Computer architecture; Computer crime; Computer networks; Condition monitoring; Detectors; Event detection; Intrusion detection; Multilayer perceptrons; Neural networks; Sensor phenomena and characterization; Correlation; Intrusion detection system; Multi-violation detectors; detection learning;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Information and Communication Technologies, 2006. ICTTA '06. 2nd
  • Conference_Location
    Damascus
  • Print_ISBN
    0-7803-9521-2
  • Type
    conf
  • DOI
    10.1109/ICTTA.2006.1684925
  • Filename
    1684925