Security alert correlation using growing neural gas

Authors: Francisco José Mora-Gimeno, Francisco Maciá-Pérez, Iren Lorenzo-Fonseca, Juan Antonio Gil-Martínez-Abarca, Diego Marcos-Jorquera

DOI: 10.1007/978-3-642-21323-6_10

Abstract: The use of alert correlation methods in Distributed Intrusion Detection Systems (DIDS) has become an important process to address some of the current problems in this area. However, the efficiency obtained is far from optimal results. This paper presents a novel approach based on integration multiple by using the neural network Growing Neural Gas (GNG). Moreover, since systems have different detection capabilities, we modified the learning algorithm to positively weight the best performing systems. The results show the validity of the proposal, both GNG and weighting efficiency.
