|
| << previous | next >> |
Journal description
All volumes of the corresponding journal
All issues of the corresponding volume
All articles of the corresponding issues
Details for article 13 of 24 found articles
| Title: |
Instantiated First Order Qualitative Choice Logic for an efficient handling of alerts correlation |
| Author: |
Bouzar-Benlabiod, Lydia Benferhat, Salem Bouabana-Tebibel, Thouraya |
| Appeared in: |
Intelligent data analysis |
| Paging: | Volume 19 (2014) nr. 1 pages 3-27 |
| Year: |
2014-12-16 |
| Contents: |
Intrusion Detection Systems (IDS) are necessary and important tools for monitoring information systems. However they produce a huge quantity of alerts. Alerts correlation is a process that reduces the number of alerts reported by intrusion detection systems. In this paper, we propose a new algorithm for a logical-based alerts correlation approach that integrates: security operator's knowledge and preferences. The representation and the reasoning on these knowledge and preferences are done using a new logic called Instantiated First Order Qualitative Choice Logic (IFO-QCL). Our modeling views an alert as an interpretation which allows us to have an efficient algorithm that performs the correlation process in a polynomial time. This paper also provides experimental results which are achieved on datasets issued from a real monitoring system. |
| Publisher: |
IOS Press |
| Source file: |
Elektronische Wetenschappelijke Tijdschriften |
Details for article 13 of 24 found articles
| << previous | next >> |