Athira et al., 2016 - Google Patents
Standardisation and classification of alerts generated by intrusion detection systems
- Document ID
- 3443529625259589608
- Author
- Athira A
- Pathari V
- Publication year
- Publication venue
- IJCI, International Journal on Cybernetics & Informatics
Snippet
Intrusion detection systems are the most popular defence mechanisms used to provide security to IT infrastructures. Organisations need the best performance, so they use multiple IDSs from different vendors. Different vendors use different formats and protocols. Difficulty …
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/554—Detecting local intrusion or implementing counter-measures involving event detection and direct action
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06N—COMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N99/00—Subject matter not provided for in other groups of this subclass
Similar Documents
Publication | Publication Date | Title
---|---|---
US20220353286A1 (en) | | Artificial intelligence cyber security analyst
Aljawarneh et al. | | Anomaly-based intrusion detection system through feature selection analysis and building hybrid efficient model
Sangkatsanee et al. | | Practical real-time intrusion detection using machine learning approaches
Garcia-Teodoro et al. | | Anomaly-based network intrusion detection: Techniques, systems and challenges
Ashraf et al. | | A comparative study of data mining algorithms for high detection rate in intrusion detection system
Qazi et al. | | Effect of feature selection, SMOTE and under sampling on class imbalance classification
Khosravi et al. | | Alerts correlation and causal analysis for APT based cyber attack detection
Ahmad et al. | | Role of machine learning and data mining in internet security: standing state with future directions
Dhakar et al. | | A novel data mining based hybrid intrusion detection framework
Kim et al. | | Cost-effective valuable data detection based on the reliability of artificial intelligence
Lee et al. | | Real-time analysis of intrusion detection alerts via correlation
Nalavade et al. | | Mining association rules to evade network intrusion in network audit data
Leite et al. | | Actionable cyber threat intelligence for automated incident response
Wang et al. | | Combating alert fatigue with AlertPro: Context-aware alert prioritization using reinforcement learning for multi-step attack detection
Teoh et al. | | Analyst intuition inspired neural network based cyber security anomaly detection
Dwivedi et al. | | Event correlation for intrusion detection systems
John | | State of the art analysis of defense techniques against advanced persistent threats
Athira et al. | | Standardisation and classification of alerts generated by intrusion detection systems
Sarhan et al. | | Doc-nad: A hybrid deep one-class classifier for network anomaly detection
Nalavade et al. | | Finding frequent itemsets using apriori algorithm to detect intrusions in large dataset
Rostamipour et al. | | Network attack origin forensics with fuzzy logic
Rani et al. | | Analysis of machine learning and deep learning intrusion detection system in Internet of Things network
Xu et al. | | Understanding and bridging the gap between unsupervised network representation learning and security analytics
El Farissi et al. | | The analysis performance of an intrusion detection systems based on neural network
Li et al. | | A threat recognition solution of edge data security in industrial internet