• DocumentCode
    2950977
  • Title

    New correlation method for an efficient intrusion detection system

  • Author

    Meddeb-Makhlouf, Amel ; Guemara-Elfatmi, Sihem ; Barrah, Sihem

  • Author_Institution
    Univ. of 7th of November, Carthage
  • fYear
    2005
  • fDate
    11-14 Dec. 2005
  • Firstpage
    1
  • Lastpage
    4
  • Abstract
    This paper presents a new approach for the design of a correlation process to be used by intrusion detection systems to detect distributed attacks. The goal of this approach is to add more efficiency to the traditional correlation methods by considering two additional paradigms: similarity and distance approximation. It helps reducing the detection time and permits the security system to attempt detecting unknown attacks, in addition to the set of attacks predefined in ad hoc libraries.
  • Keywords
    approximation theory; correlation methods; security of data; ad hoc libraries; correlation method; distance approximation; distributed attacks; intrusion detection system; similarity paradigm; Communication networks; Communication system security; Computer networks; Computer security; Correlation; Data security; Intrusion detection; Libraries;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Electronics, Circuits and Systems, 2005. ICECS 2005. 12th IEEE International Conference on
  • Conference_Location
    Gammarth
  • Print_ISBN
    978-9972-61-100-1
  • Electronic_ISBN
    978-9972-61-100-1
  • Type

    conf

  • DOI
    10.1109/ICECS.2005.4633483
  • Filename
    4633483