An incident analysis system NICTER and its analysis engines based on data mining techniques
ICONIP'08 Proceedings of the 15th international conference on Advances in neuro-information processing - Volume Part I
This paper introduces the SANS Internet Storm Center and, more specifically, its data collection and analysis processes pertaining to information security incidents. It reviews both the technical means of collection and those that rely on human input, and describes the various analysis and output processes. In addition, it provides some case studies on how incidents are handled using the tools available.