Abstract

Network intrusion detection sensors are usually built around low level models of network traffic. This means that their output is of a similarly low level and as a consequence, is difficult to analyze. Intrusion alert correlation is the task of automating some of this analysis by grouping related alerts together. Attack graphs provide an intuitive model for such analysis. Unfortunately alert flooding attacks can still cause a loss of service on sensors, and when performing attack graph correlation, there can be a large number of extraneous alerts included in the output graph. This obscures the fine structure of genuine attacks and makes them more difficult for human operators to discern. This paper explores modified correlation algorithms which attempt to minimize the impact of this attack.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
Improving Attack Graph Visualization through Data Reduction and Attack Grouping
John Homer ... Xinming Ou
-
John Homer, et. al.John Homer ... Xinming Ou
27 Sep 2016
SAGE: Intrusion Alert-driven Attack Graph Extractor
Azqa Nadeem ... Shanchieh Jay Yang
-
Azqa Nadeem, et. al.Azqa Nadeem ... Shanchieh Jay Yang
01 Oct 2021
Intelligent Clustering with PCA and Unsupervised Learning Algorithm in Intrusion Alert Correlation
Maheyzah Md Siraj ... Mohd Aizaini Maarof
-
Maheyzah Md Siraj, et. al.Maheyzah Md Siraj ... Mohd Aizaini Maarof
01 Jan 2009
Real-Time Intrusion Alert Correlation System Based on Prerequisites and Consequence
Zhaowen Lin ... Shan Li
-
Zhaowen Lin, et. al.Zhaowen Lin ... Shan Li
01 Sep 2010
View more papers

More From: SSRN Electronic Journal

Paper Title
Journal
Date
Author
From bulk banana peels to active materials: slipping into bioplastic films with high UV-blocking and antioxidant properties
Rodrigo Duarte Silva ... Henriette Monteiro Cordeiro D Azeredo
SSRN Electronic Journal | VOL. -
Rodrigo Duarte Silva, et. al.Rodrigo Duarte Silva ... Henriette Monteiro Cordeiro D Azeredo
01 Jan 2024
Taking the Lid Off Canada’s MAID Law and Practice, (reviewing Medical Assistance in Dying (MAiD) in Canada: Key Multidisciplinary Perspectives Jaro Kotalik & David W. Shannon eds., 2023)
Trudo Lemmens
SSRN Electronic Journal | VOL. -
Trudo LemmensTrudo Lemmens
01 Jan 2024
Environmental Casualties: A Result of War
Priyanka Raghunathan
SSRN Electronic Journal | VOL. -
Priyanka RaghunathanPriyanka Raghunathan
01 Jan 2024
Ethical Dimensions of Clinical Data Sharing by Us Healthcare Organizations for Purposes Beyond Direct Patient Care: Interviews with Healthcare Leader
Brian Jackson ... Ross Koppel
SSRN Electronic Journal | VOL. -
Brian Jackson, et. al.Brian Jackson ... Ross Koppel
01 Jan 2024
View more papers

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.