Data Reduction in Intrusion Alert Correlation

Data Reduction in Intrusion Alert Correlation

Network intrusion detection sensors are usually built around low level models of network traffic. This means that their output is of a similarly low level and as a consequence, is difficult to analyze. Intrusion alert correlation is the task of automating some of this analysis by grouping related al...

Full description

Bibliographic Details
Main Authors: Tedesco, Gianni, Aickelin, Uwe
Format: Article
Published: 2006
Subjects:
Intrusion Detection Systems
Alert Correlation
Attack Graphs
Denial of Service Attacks
Token Bucket Filter
Online Access:https://eprints.nottingham.ac.uk/365/

Internet

https://eprints.nottingham.ac.uk/365/

Similar Items