DocumentCode :
2809913
Title :
Event-Driven Architecture for Intrusion Detection Systems Based on Patterns
Author :
Molina, Jesús J Martínez ; Hernandez Ruiz, M.A. ; Perez, Manuel ; Perez, G.M. ; Skarmeta, Antonio F Gómez
Author_Institution :
Dept. de Ing. de la Inf. y las Comun., Murcia Univ., Murcia
fYear :
2008
fDate :
25-31 Aug. 2008
Firstpage :
391
Lastpage :
396
Abstract :
Intrusion detection systems (IDS) are usually one of the basic mechanisms in use when defining security measures in one organization. However, there are a few active research lines still to be addressed regarding these complex systems. This is the case of event aggregation and correlation when dealing with complex attacks, or the improvement in flexibility when dealing with different versions (mutations) of a given attack. These are two of the main objectives of the research work done so far in our group. As part of this effort, this paper presents an event-driven and multi-layer architecture based on the concept of pattern and where concepts such as similarity and credibility degrees are presented as part of a probabilistic approach for dealing with possible variations of a given attack.
Keywords :
security of data; complex attacks; event aggregation; event correlation; event-driven architecture; intrusion detection system; multilayer architecture; security measures; Aggregates; Computer networks; Computer worms; Concrete; Gas insulated transmission lines; Genetic mutations; Information security; Intrusion detection; Telecommunication traffic; attack graph; intrusion detection; network security; pattern-based architecture;
fLanguage :
English
Publisher :
IEEE
Conference_Titel :
Emerging Security Information, Systems and Technologies, 2008. SECURWARE '08. Second International Conference on
Conference_Location :
Cap Esterel
Print_ISBN :
978-0-7695-3329-2
Electronic_ISBN :
978-0-7695-3329-2
Type :
conf
DOI :
10.1109/SECURWARE.2008.49
Filename :
4622612