✦ LIBER ✦

Eliminating noise from intrusion detection systems

✍ Scribed by Gerhard Eschelbeck; Michael Krieger

Publisher: Elsevier Science
Year: 2003
Tongue: English
Weight: 269 KB
Volume: 8
Category: Article
ISSN: 1363-4127
DOI: 10.1016/s1363-4127(03)00004-9

No coin nor oath required. For personal study only.

✦ Synopsis

Effective noise reduction for intrusion detection systems (IDS) is a continuous area of research. One of the techniques for eliminating unqualified IDS alerts is to correlate them with environmental intelligence about the network and systems. This article provides an overview of correlation requirements with a proposed architecture and solution for the correlation and classification of IDS alerts in real time. The implementation of the QuIDScor correlation engine was validated on a realworld network and demonstrated a significant reduction of false alerts.

📜 SIMILAR VOLUMES

Intrusion Detection Systems and Intrusio

Intrusion Detection Systems and Intrusion Prevention Systems

✍ Andreas Fuchsberger 📂 Article 📅 2005 🏛 Elsevier Science 🌐 English ⚖ 110 KB

Automated intrusion detection systems an

Automated intrusion detection systems and network security

✍ Bill Hancock 📂 Article 📅 1998 🏛 Elsevier Science 🌐 English ⚖ 224 KB

Modeling requests among cooperating intr

Modeling requests among cooperating intrusion detection systems

✍ P Ning; X.S Wang; S Jajodia 📂 Article 📅 2000 🏛 Elsevier Science 🌐 English ⚖ 395 KB

It is important for intrusion detection systems (IDSs) to share information in order to discover attacks involving multiple sites. However, no framework exists for an IDS to request from and send to another IDS data relevant to specific events. The lack of such a framework may result in a waste of p

Hybrid flexible neural-tree-based intrus

Hybrid flexible neural-tree-based intrusion detection systems

✍ Yuehui Chen; Ajith Abraham; Bo Yang 📂 Article 📅 2007 🏛 John Wiley and Sons 🌐 English ⚖ 260 KB

An intrusion is defined as a violation of the security policy of the system, and, hence, intrusion detection mainly refers to the mechanisms that are developed to detect violations of system security policy. Current intrusion detection systems ~IDS! examine all data features to detect intrusion or m

Behavior-Based Intrusion Detection in Mo

Behavior-Based Intrusion Detection in Mobile Phone Systems

✍ Azzedine Boukerche; Mirela Sechi M. Annoni Notare 📂 Article 📅 2002 🏛 Elsevier Science 🌐 English ⚖ 397 KB

The field of mobile and wireless networking is reemerging amid unprecedented growth in the scale and diversity of computer networking. However, further increases in network security are necessary before the promise of mobile communication can be fulfilled. In this paper, we describe how neural netwo

Getting the most out of Intrusion Detect

Getting the most out of Intrusion Detection Systems

✍ Paul Midian 📂 Article 📅 2002 🏛 Elsevier Science 🌐 English ⚖ 161 KB