To integrate network security devices to make them act as a battle team and efficiently handle the large amount of security events produced by various network applications, Network Security Intelligent Centralized Management is a basic solution. In this paper, we introduce an intelligent agent-oriented Network Security Intelligent Centralized Management System, and give a description about the system model, mechanism, hierarchy of security events, data flow diagram, filtering and transaction and normalization of security events, clustering and merging algorithm, and correlation algorithm. The experiment shows that the system can significantly reduce false positives and improve the quality of security events. It brings convenience for security administrators to integrate security devices and deal with large security events. © Springer-Verlag Berlin Heidelberg 2007.
CITATION STYLE
Ma, Y. M., Li, Z. T., Lei, J., Wang, L., & Li, D. (2007). An intelligent agent-oriented system for integrating network security devices and handling large amount of security events. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 4430 LNCS, pp. 316–317). Springer Verlag. https://doi.org/10.1007/978-3-540-71549-8_37
Mendeley helps you to discover research relevant for your work.