Title :
A Survey of Alert Fusion Techniques for Security Incident
Author :
Zang, Tianning ; Yun, Xiaochun ; Zhang, Yongzheng
Author_Institution :
Harbin Eng. Univ., Harbin
Abstract :
Security incidents have been imposing tremendous threats on today's network information system. To protect this information system from the increasing threat of intrusion, various kinds of detection systems and sensors for security incidents have been developed. The main disadvantages of current systems and sensors are a high false detection rate and the lack of post-incident decision support capability. To minimize these drawbacks, various alert fusion technologies have been proposed in recent years. This paper presents a general summary of these technologies. Basic models and key technologies of alert fusion are analyzed and discussed. Moreover, important aggregation and correlation algorithms are discussed. Finally, we make concluding remarks by predicting the development tendencies of alert correlation technologies.
Keywords :
security of data; sensor fusion; alert correlation; alert fusion; intrusion detection system; network information system; security incident sensors; Aggregates; Clocks; Data security; Humans; Information management; Information security; Network servers; Protocols; Sensor phenomena and characterization; Sensor systems; Aggregation; Alert Fusion; Correlation; Security Incident;
Conference_Title :
Web-Age Information Management, 2008. WAIM '08. The Ninth International Conference on
Conference_Location :
Zhangjiajie Hunan
Print_ISBN :
978-0-7695-3185-4
Electronic_ISBN :
978-0-7695-3185-4
DOI :
10.1109/WAIM.2008.104