Title :
A correlation analysis method of network security events based on rough set theory
Author :
Jing Liu ; Lize Gu ; Guosheng Xu ; Xinxin Niu
Author_Institution :
Inf. Security Center, Beijing Univ. of Posts & Telecommun., Beijing, China
Abstract :
Network security event correlation can find real threats by correlating security events and logs generated by different security devices, and can give accurate awareness of the network security situation. This paper proposes a network security event correlation scheme based on rough sets, builds a database of network security events and a knowledge base, and gives a rule generation method and a rule matcher. The method solves the simplification and correlation of massive numbers of security events by combining data discretization, attribute reduction, value reduction and rule generation.
Keywords :
computer network security; correlation methods; knowledge based systems; pattern matching; rough set theory; attribute reduction; correlation analysis; data discretization; knowledge base; network security event correlation; network security event database; real threat; rough set theory; rule generation method; rule matcher; security device; value reduction; Algorithm design and analysis; Correlation; Data mining; Entropy; Runtime; Security; Set theory; Correlation analysis; Network security event; Rough set; Sequence pattern;
Conference_Title :
Network Infrastructure and Digital Content (IC-NIDC), 2012 3rd IEEE International Conference on
Conference_Location :
Beijing
Print_ISBN :
978-1-4673-2201-0
DOI :
10.1109/ICNIDC.2012.6418807