DocumentCode
2453233
Title
Multi-Violation Detectors: An algebraic tool for Alert Correlation and Intrusion Detection
Author
Meddeb-Makhlouf, Amel ; Boudriga, Noureddine
Author_Institution
CN&S Res. Lab., Univ. of 7th of November at Carthage
Volume
2
fYear
0
fDate
0-0 0
Firstpage
3181
Lastpage
3186
Abstract
To enhance the traditional techniques for detecting distributed attacks, this paper proposes an algebraic tool for correlating alerts. It is based on a new concept called multi-violation detectors (MvD). MvDs support event and alert correlation and can be mathematically managed, constructed, and learned. The proposed method is validated at the end of the paper with a case study.
Keywords
algebra; distributed processing; security of data; alert correlation; algebra; detection learning; distributed attacks; event correlation; intrusion detection system; multiviolation detectors; Computer architecture; Computer crime; Computer networks; Condition monitoring; Detectors; Event detection; Intrusion detection; Multilayer perceptrons; Neural networks; Sensor phenomena and characterization; Correlation; Intrusion detection system; Multi-violation detectors; detection learning;
fLanguage
English
Publisher
ieee
Conference_Titel
Information and Communication Technologies, 2006. ICTTA '06. 2nd
Conference_Location
Damascus
Print_ISBN
0-7803-9521-2
Type
conf
DOI
10.1109/ICTTA.2006.1684925
Filename
1684925