Event-Driven Architecture for Intrusion Detection Systems Based on Patterns

  • Authors:
  • Jesús J. Martínez Molina; Miguel A. Hernández Ruíz; Manuel Gil Pérez; Gregorio Martínez Pérez; Antonio F. Gómez Skarmeta

  • Venue:
  • SECURWARE '08 Proceedings of the 2008 Second International Conference on Emerging Security Information, Systems and Technologies
  • Year:
  • 2008

Abstract

Intrusion Detection Systems (IDS) are usually one of the basic mechanisms in use when defining security measures in an organization. However, there are a few active research lines still to be addressed regarding these complex systems. This is the case of event aggregation and correlation when dealing with complex attacks, or the improvement in flexibility when dealing with different versions (mutations) of a given attack. These are two of the main objectives of the research work done so far in our group. As part of this effort, this paper presents an event-driven, multi-layer architecture based on the concept of pattern, in which concepts such as similarity and credibility degrees are presented as part of a probabilistic approach for dealing with possible variations of a given attack.