A taxonomy on intrusion alert aggregation techniques
As security threats advance drastically, most organizations deploy various intrusion detection systems (IDSs) to improve detection and to provide a comprehensive view of intrusion activity. But an IDS produces a huge number of duplicated alerts that overwhelm the security operator. Alert aggregation addresses this issue by reducing, fusing and clustering the alerts. Techniques from a range of disciplines have been proposed by researchers for different aspects of aggregation. In this paper we present a comprehensive review of proposed alert aggregation techniques. Our main contribution is to classify the literature based on the techniques applied to aggregate the alerts.

Main Authors: | Ahmed, T.; Siraj, M. M.; Zainal, A.; Din, M. M. |
---|---|
Format: | Conference or Workshop Item (peer reviewed) |
Published: | 2015 |
Subjects: | QA75 Electronic computers. Computer science |
Online Access: | http://eprints.utm.my/id/eprint/59124/ and http://dx.doi.org/10.1109/ISBAST.2014.70131292014 |
Institution: | Universiti Teknologi Malaysia |
Citation: | Ahmed, T. and Siraj, M. M. and Zainal, A. and Din, M. M. (2015) A taxonomy on intrusion alert aggregation techniques. In: 4th International Symposium on Biometrics and Security Technologies, ISBAST 2014, 26 - 27 August 2014, Kuala Lumpur, Malaysia. |
Repository: | UTM Institutional Repository (UTM Library, Universiti Teknologi Malaysia, http://eprints.utm.my/); record my.utm.59124, record timestamp 2021-08-22T07:10:50Z |