Title :
Alert Verification Based on Attack Classification in Collaborative Intrusion Detection
Author :
Xiao, Min ; Xiao, Debao
Author_Institution :
Huazhong Normal Univ., Wuhan
fDate :
July 30 2007-Aug. 1 2007
Abstract :
The traditional intrusion detection system has the disadvantages of alert flooding and high false positive due to weak collaboration-awareness. The collaborative intrusion detection mechanism is advocated to overcome shortcomings of traditional IDS and alert verification and correlation are two important techniques to perform collaborative mechanisms. The goal of alert verification is to distinguish the false positives from true positives or confirm the confidence of the alert by integrating context information of protected network with alerts. In this paper, we present an alert verification scheme based on attack classification to achieve the objectives of low cost and high efficiency of verification process.
Keywords :
formal verification; groupware; pattern classification; security of data; alert verification; attack classification; collaborative intrusion detection; Collaborative software; Collaborative work; Computer security; Computerized monitoring; Costs; Distributed computing; Information security; International collaboration; Intrusion detection; Protection;
Conference_Titel :
Software Engineering, Artificial Intelligence, Networking, and Parallel/Distributed Computing, 2007. SNPD 2007. Eighth ACIS International Conference on
Conference_Location :
Qingdao
Print_ISBN :
978-0-7695-2909-7
DOI :
10.1109/SNPD.2007.216
