Title :
MS²IFS: A Multiple Source-Based Security Information Fusion System
Author :
Chang, Jun ; Yu, Jiang ; Pei, Yijian
Author_Institution :
Sch. of Inf. Sci. & Eng., Yunnan Univ., Kunming, China
Abstract :
Security Information Fusion System has recently become one of the major topics in the research area of information security. A great deal of security devices and components have been deployed in network information systems. While improving the systems security performance, they produced lots of redundant or unreliable information. Through the technologies of alert fusion and correlation analysis, alert redundancy can be decreased, administration pressure can be reduced and alert accuracy can be raised effectively. We propose the system architecture of multi-source security information fusion (MS2IFS), and discuss the design ideas and algorithm implementation of MS2IFS key modules. The results of testing on offline alert logs and online simulated attack data proved the feasibility and validity of MS2IFS system and satisfied the design requirement, presenting preferable.
Keywords :
security of data; telecommunication security; administration pressure; alert accuracy; alert fusion; alert redundancy; correlation analysis; information security; multiple source-based security information fusion system; network information systems; offline alert logs; online simulated attack data; security devices; system architecture; systems security performance; Algorithm design and analysis; Analytical models; Correlation; Redundancy; Security; Servers; alert correlation; information fusion; intrusion detection; risk evaluation;
Conference_Titel :
Communications and Intelligence Information Security (ICCIIS), 2010 International Conference on
Conference_Location :
Nanning
Print_ISBN :
978-1-4244-8649-6
Electronic_ISBN :
978-0-7695-4260-7
DOI :
10.1109/ICCIIS.2010.32
