|
| << vorige | volgende >> |
Tijdschrift beschrijving
Alle jaargangen van het bijbehorende tijdschrift
Alle afleveringen van het bijbehorende jaargang
Alle artikelen van de bijbehorende aflevering
Details van artikel 13 van 24 gevonden artikelen
| Titel: |
Instantiated First Order Qualitative Choice Logic for an efficient handling of alerts correlation |
| Auteur: |
Bouzar-Benlabiod, Lydia Benferhat, Salem Bouabana-Tebibel, Thouraya |
| Verschenen in: |
Intelligent data analysis |
| Paginering: | Jaargang 19 (2014) nr. 1 pagina's 3-27 |
| Jaar: |
2014-12-16 |
| Inhoud: |
Intrusion Detection Systems (IDS) are necessary and important tools for monitoring information systems. However they produce a huge quantity of alerts. Alerts correlation is a process that reduces the number of alerts reported by intrusion detection systems. In this paper, we propose a new algorithm for a logical-based alerts correlation approach that integrates: security operator's knowledge and preferences. The representation and the reasoning on these knowledge and preferences are done using a new logic called Instantiated First Order Qualitative Choice Logic (IFO-QCL). Our modeling views an alert as an interpretation which allows us to have an efficient algorithm that performs the correlation process in a polynomial time. This paper also provides experimental results which are achieved on datasets issued from a real monitoring system. |
| Uitgever: |
IOS Press |
| Bronbestand: |
Elektronische Wetenschappelijke Tijdschriften |
Details van artikel 13 van 24 gevonden artikelen
| << vorige | volgende >> |