Toward automated intrusion alert analysis

Abstract

Traditional intrusion detection systems (IDSs) focus on low-level attacks or anomalies and raise alerts independently, though there may be logical connections between them. In situations where there are intensive attacks, not only will actual alerts be mixed with false alerts, but the amount of alerts will also become unmanageable. As a result, it is difficult for human users or intrusion response systems to understand the alerts and take appropriate actions. Therefore, it is necessary to develop techniques to construct attack scenarios (i.e., steps that attackers use in their attacks) from alerts to facilitate intrusion analysis. © 2010 Springer Science+Business Media, LLC.

Ning, P., & Xu, D. (2010). Toward automated intrusion alert analysis. In Network Security (pp. 175–205). Springer US. https://doi.org/10.1007/978-0-387-73821-5_8
