• DocumentCode
    3077288
  • Title

    Adaptive IDS Alerts Correlation according to the traffic type and the attacks properties

  • Author

    Sourour, Meharouech ; Adel, Bouhoula ; Tarek, Abbes

  • Author_Institution
    Higher Sch. of Telecommun., Dept. of Comput. Sci. & Networks, SupCom
  • fYear
    2009
  • fDate
    6-7 March 2009
  • Firstpage
    1653
  • Lastpage
    1658
  • Abstract
    Different network security solutions exist and contribute to enhanced security. From these solutions, Intrusion detection systems (IDS) have become one of the most common countermeasures for monitoring safety in computer systems and networks. However, In order to address these limitations, the paper presents a fast and efficient system classifying alerts into true positives and false positives and formulating more general alerts based on individual true positives, based on an adaptive alerts correlation.
  • Keywords
    computer networks; correlation methods; telecommunication security; telecommunication traffic; adaptive alert correlation; false positive; individual true positive; intrusion detection system; network security solution; Computer networks; Computer science; Computer security; Computerized monitoring; Data security; Intrusion detection; Laboratories; Safety; Telecommunication computing; Telecommunication traffic; Alert correlation; False positives; Intrusion Detection Systems; Network security;
  • fLanguage
    English
  • Publisher
    IEEE
  • Conference_Titel
    Advance Computing Conference, 2009. IACC 2009. IEEE International
  • Conference_Location
    Patiala
  • Print_ISBN
    978-1-4244-2927-1
  • Electronic_ISBN
    978-1-4244-2928-8
  • Type

    conf

  • DOI
    10.1109/IADCC.2009.4809265
  • Filename
    4809265