With increasing intrusions and attacks on the Internet, there is an urgent need to develop techniques for network security. Current standalone network security products, such as firewall systems, Intrusion Detection Systems (IDS), anti-virus software, and vulnerability scanning software, are not capable of withstanding the onslaught of various network threats. As a result, new security paradigms are emerging that integrate several security devices closely to provide accurate alerts and attain enhanced protection. To achieve better network security, in this paper we present an adaptive architecture that applies vulnerability analysis to multiple detection sensors in order to detect network intrusions. The architecture is designed as a layer above intrusion detection, aimed at classifying the overload of alerts into different severities by correlating results from multiple sensors and integrating vulnerability analysis. Intrusion detection produces basic alerts for further evaluation, whereas vulnerability analysis provides important information to help identify the alerts. At the same time, the whole process is made more efficient and effective by using predicate-based evaluation.
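The following sketch illustrates the general idea of the layer described above: alerts from several sensors are aggregated, then ranked by evaluating predicates against vulnerability-scan results. It is an added example, not the paper's own algorithm; the field names, predicates, severity labels, and sample data are all assumptions constructed for illustration.

```python
from collections import defaultdict

# Constructed sample data: alerts from two hypothetical sensors and a
# vulnerability scan. Field names and identifiers are assumptions.
ALERTS = [
    {"sensor": "nids-1", "dst": "10.0.0.5", "port": 80, "vuln_id": "VULN-A"},
    {"sensor": "hids-1", "dst": "10.0.0.5", "port": 80, "vuln_id": "VULN-A"},
    {"sensor": "nids-1", "dst": "10.0.0.6", "port": 80, "vuln_id": "VULN-A"},
    {"sensor": "nids-1", "dst": "10.0.0.7", "port": 445, "vuln_id": "VULN-B"},
    {"sensor": "nids-1", "dst": "10.0.0.9", "port": 22, "vuln_id": "VULN-C"},
]
SCAN = {
    "10.0.0.5": {"open_ports": {80, 22}, "vulns": {"VULN-A"}},
    "10.0.0.6": {"open_ports": {80}, "vulns": set()},
    "10.0.0.7": {"open_ports": {22}, "vulns": set()},
}

# Predicates over (alert group, scan record); each returns True or False.
def host_known(group, scan): return scan is not None
def service_exposed(group, scan): return group["port"] in scan["open_ports"]
def host_vulnerable(group, scan): return group["vuln_id"] in scan["vulns"]
def corroborated(group, scan): return len(group["sensors"]) >= 2

def aggregate(alerts):
    """Merge alerts for the same target/port/vulnerability across sensors."""
    groups = defaultdict(set)
    for a in alerts:
        groups[(a["dst"], a["port"], a["vuln_id"])].add(a["sensor"])
    return [{"dst": d, "port": p, "vuln_id": v, "sensors": s}
            for (d, p, v), s in groups.items()]

def classify(group, scan_db):
    """Evaluate predicates in order; the first failure fixes the severity."""
    scan = scan_db.get(group["dst"])
    if not host_known(group, scan):
        return "unverified"   # no scan data: cannot confirm or dismiss
    if not service_exposed(group, scan):
        return "low"          # targeted service is not open on the host
    if not host_vulnerable(group, scan):
        return "medium"       # service exposed, vulnerability not present
    return "critical" if corroborated(group, scan) else "high"

def triage(alerts, scan_db):
    return {(g["dst"], g["vuln_id"]): classify(g, scan_db)
            for g in aggregate(alerts)}
```

Alerts against hosts with no scan record are kept as "unverified" rather than dropped, since missing vulnerability data says nothing about whether the target is exposed.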