The use of alert correlation methods in Distributed Intrusion Detection Systems (DIDS) has become an important process to address some of the current problems in this area. However, the efficiency obtained is far from optimal results. This paper presents a novel approach based on the integration of multiple correlation methods by using the neural network Growing Neural Gas (GNG). Moreover, since correlation systems have different detection capabilities, we have modified the learning algorithm to positively weight the best performing systems. The results show the validity of the proposal, both the multiple integration approach using GNG neural network and the weighting based on efficiency. © 2011 Springer-Verlag.
CITATION STYLE
Mora-Gimeno, F. J., Maciá-Pérez, F., Lorenzo-Fonseca, I., Gil-Martínez-Abarca, J. A., Marcos-Jorquera, D., & Gilart-Iglesias, V. (2011). Security alert correlation using growing neural gas. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 6694 LNCS, pp. 76–83). https://doi.org/10.1007/978-3-642-21323-6_10
Mendeley helps you to discover research relevant for your work.