Using time series 3D AlertGraph and false alert classification to analyse Snort alerts


Abstract

A top-level overview of Snort alerts using 3D visualisation and alert classification is discussed. This paper describes the top-level view (time series 3D AlertGraph) with the integration of alert classification to visualise Snort alerts. The advantages of using this view are: (1) it summarises the alerts into different colours to indicate the quantity of alerts from (SRCIP, DPORT) pairs; (2) it uses alert classification to highlight the true alerts; (3) through interaction tools, the alerts can be highlighted according to the source IP, destination IP or destination port; (4) a large number of alerts can be viewed in a single display; and (5) temporal characteristics of attacks can be discovered. © 2008 Springer-Verlag Berlin Heidelberg.


Musa, S., & Parish, D. J. (2008). Using time series 3D AlertGraph and false alert classification to analyse Snort alerts. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 5210 LNCS, pp. 169–180). https://doi.org/10.1007/978-3-540-85933-8_17
