Universiti Teknologi Malaysia Institutional Repository

A taxonomy on intrusion alert aggregation techniques

Ahmed, T. and Siraj, M. M. and Zainal, A. and Din, M. M. (2015) A taxonomy on intrusion alert aggregation techniques. In: 4th International Symposium on Biometrics and Security Technologies, ISBAST 2014, 26 - 27 August 2014, Kuala Lumpur, Malaysia.

Full text not available from this repository.

Official URL: http://dx.doi.org/10.1109/ISBAST.2014.70131292014

Abstract

As security threats grow more sophisticated, most organizations deploy multiple intrusion detection systems (IDSs) to improve detection and to obtain a comprehensive view of intrusion activity. However, IDSs produce a huge number of duplicated alerts that overwhelm the security operator. Alert aggregation addresses this problem by reducing, fusing and clustering the alerts. Researchers have proposed techniques drawn from a range of disciplines for different aspects of aggregation. In this paper we present a comprehensive review of the proposed alert aggregation techniques. Our main contribution is to classify the literature according to the techniques applied to aggregate the alerts.
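The reduce, fuse and cluster step the abstract refers to, as an added example that is not part of the paper or of this repository page: a minimal time-window aggregator that collapses raw IDS alerts sharing the same signature, source and destination into meta-alerts, merging alerts from different sensors and splitting a cluster when the gap between consecutive alerts exceeds the window. The pipe-delimited line format, the signature ids, the addresses and the 60-second window are assumptions made for the example; the sample alert lines are constructed, not real sensor output.

```python
"""Toy intrusion alert aggregation: collapse duplicated IDS alerts into meta-alerts.

Assumed (constructed) raw alert line format:
    <ISO-8601 timestamp>|<sensor>|<signature id>|<src ip>|<dst ip>|<dst port>
"""
from dataclasses import dataclass, field
from datetime import datetime, timedelta
from typing import List, Set, Tuple

# Constructed sample alerts: one SSH brute-force signature seen by two sensors,
# one unrelated web signature, and a second burst of the SSH signature three minutes later.
SAMPLE_LINES = [
    "2024-05-01T10:00:00|sensorA|1:2001|10.0.0.5|192.168.1.10|22",
    "2024-05-01T10:00:05|sensorB|1:2001|10.0.0.5|192.168.1.10|22",
    "2024-05-01T10:00:30|sensorA|1:2001|10.0.0.5|192.168.1.10|22",
    "2024-05-01T10:00:31|sensorA|1:2001|10.0.0.5|192.168.1.10|22",
    "2024-05-01T10:00:40|sensorA|1:3003|10.0.0.7|192.168.1.20|80",
    "2024-05-01T10:03:00|sensorA|1:2001|10.0.0.5|192.168.1.10|22",
    "2024-05-01T10:03:01|sensorA|1:2001|10.0.0.5|192.168.1.10|22",
]


@dataclass
class Alert:
    ts: datetime
    sensor: str
    sid: str
    src: str
    dst: str
    dport: int


@dataclass
class MetaAlert:
    """One aggregated alert standing in for many raw ones."""
    sid: str
    src: str
    dst: str
    first_seen: datetime
    last_seen: datetime
    count: int = 0
    sensors: Set[str] = field(default_factory=set)   # fusion: which sensors reported it
    dports: Set[int] = field(default_factory=set)


def parse_alerts(lines: List[str]) -> List[Alert]:
    """Parse the assumed pipe-delimited format; malformed lines are skipped, not fatal."""
    out = []
    for line in lines:
        parts = line.strip().split("|")
        if len(parts) != 6:
            continue
        ts, sensor, sid, src, dst, dport = parts
        out.append(Alert(datetime.fromisoformat(ts), sensor, sid, src, dst, int(dport)))
    return out


def aggregate(alerts: List[Alert], window: timedelta = timedelta(seconds=60)) -> List[MetaAlert]:
    """Cluster alerts sharing (sid, src, dst). A cluster stays open while consecutive
    alerts arrive within `window` of the previous one; a larger gap closes it and the
    next matching alert starts a new meta-alert, so bursts are kept distinct."""
    open_clusters = {}   # (sid, src, dst) -> MetaAlert currently being extended
    closed: List[MetaAlert] = []
    for a in sorted(alerts, key=lambda x: x.ts):
        key: Tuple[str, str, str] = (a.sid, a.src, a.dst)
        m = open_clusters.get(key)
        if m is not None and a.ts - m.last_seen > window:
            closed.append(m)          # gap too large: freeze the old cluster
            m = None
        if m is None:
            m = MetaAlert(a.sid, a.src, a.dst, first_seen=a.ts, last_seen=a.ts)
            open_clusters[key] = m
        m.count += 1
        m.last_seen = a.ts
        m.sensors.add(a.sensor)
        m.dports.add(a.dport)
    closed.extend(open_clusters.values())
    return sorted(closed, key=lambda m: m.first_seen)


def reduction_ratio(raw: int, aggregated: int) -> float:
    """Fraction of raw alerts the operator no longer has to look at individually."""
    return 0.0 if raw == 0 else 1.0 - aggregated / raw


if __name__ == "__main__":
    raw = parse_alerts(SAMPLE_LINES)
    metas = aggregate(raw)
    for m in metas:
        print(f"{m.sid} {m.src}->{m.dst} x{m.count} sensors={sorted(m.sensors)} "
              f"{m.first_seen.time()}..{m.last_seen.time()}")
    print(f"reduction: {reduction_ratio(len(raw), len(metas)):.0%}")
```

The key choice is the clustering key and the window: keying on (signature, source, destination) is the simplest form of the reduction the abstract mentions, the sensor set on each meta-alert is a basic fusion of overlapping sensors, and the gap-based split keeps the second burst visible as its own event instead of silently stretching the first cluster across an idle interval.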

Item Type: Conference or Workshop Item (Paper)
Uncontrolled Keywords: alert aggregation, clustering, IDS, taxonomy
Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Divisions: Computing
ID Code: 59124
Deposited By: Haliza Zainal
Deposited On: 18 Jan 2017 01:50
Last Modified: 22 Aug 2021 07:10