The AC-index: Fast online detection of correlated alerts

Abstract

We propose an indexing technique for alert correlation that supports DFA-like patterns with user-defined correlation functions. Our AC-Index supports (i) the retrieval of the top-k (possibly noncontiguous) sub-sequences, ranked on the basis of an arbitrary user-provided severity function, (ii) the concurrent retrieval of sub-sequences that match any pattern in a given set, (iii) the retrieval of partial occurrences of the patterns, and (iv) the online processing of streaming logs. The experimental results confirm that, although the supported model is very expressive, the AC-Index is able to guarantee a very high efficiency of the retrieval process.

Cite

Pugliese, A., Rullo, A., & Piccolo, A. (2015). The AC-index: Fast online detection of correlated alerts. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 9331, pp. 107–122). Springer Verlag. https://doi.org/10.1007/978-3-319-24858-5_7
