• DocumentCode
    2799454
  • Title

    Structuring a Multi-violation Detectors Database for an Efficient Intrusion Detection

  • Author

    Meddeb-Makhlouf, Amel ; Hamdi, Mohamed ; Boudriga, Noureddine

  • Author_Institution
    Commun. Network & Security Res. Lab., Carthage
  • fYear
    2007
  • fDate
    13-16 May 2007
  • Firstpage
    825
  • Lastpage
    832
  • Abstract
    This paper proposes to manage data structures manipulated by the proposed correlation function based on a new concept called multi-violation detectors (MvD). The MvD-based correlation function manipulates events based on metrics that evaluate them. The detection and the correlation processes are managed using an MLP (multi-layer perceptron)-like network architecture. The manipulated data structures in the MLP-like network mainly include attacks, metrics and MvD values. To add more efficiency to the implemented processes, these values are managed through a structured database where an SQL-like language for MvD retrieval is introduced. The proposed approach is based on a relational calculus. Therefore, its completeness is mathematically proved.
  • Keywords
    SQL; data structures; database management systems; multilayer perceptrons; relational algebra; security of data; MvD retrieval; SQL-like language; correlation function; data structure; intrusion detection; multilayer perceptron; multiviolation detectors database; network architecture; relational calculus; structured database management; Calculus; Communication networks; Computer network management; Data engineering; Data security; Data structures; Detectors; Intrusion detection; Protection; Relational databases;
  • fLanguage
    English
  • Publisher
    IEEE
  • Conference_Titel
    Computer Systems and Applications, 2007. AICCSA '07. IEEE/ACS International Conference on
  • Conference_Location
    Amman
  • Print_ISBN
    1-4244-1030-4
  • Electronic_ISBN
    1-4244-1031-2
  • Type

    conf

  • DOI
    10.1109/AICCSA.2007.370728
  • Filename
    4231056