DocumentCode
2950977
Title
New correlation method for an efficient intrusion detection system
Author
Meddeb-Makhlouf, Amel ; Guemara-Elfatmi, Sihem ; Barrah, Sihem
Author_Institution
Univ. of 7th of November, Carthage
fYear
2005
fDate
11-14 Dec. 2005
Firstpage
1
Lastpage
4
Abstract
This paper presents a new approach for the design of a correlation process to be used by intrusion detection systems to detect distributed attacks. The goal of this approach is to add more efficiency to the traditional correlation methods by considering two additional paradigms: similarity and distance approximation. It helps reducing the detection time and permits the security system to attempt detecting unknown attacks, in addition to the set of attacks predefined in ad hoc libraries.
Keywords
approximation theory; correlation methods; security of data; ad hoc libraries; correlation method; distance approximation; distributed attacks; intrusion detection system; similarity paradigm; Communication networks; Communication system security; Computer networks; Computer security; Correlation; Data security; Intrusion detection; Libraries;
fLanguage
English
Publisher
ieee
Conference_Titel
Electronics, Circuits and Systems, 2005. ICECS 2005. 12th IEEE International Conference on
Conference_Location
Gammarth
Print_ISBN
978-9972-61-100-1
Electronic_ISBN
978-9972-61-100-1
Type
conf
DOI
10.1109/ICECS.2005.4633483
Filename
4633483
Link To Document