CURE: an efficient clustering algorithm for large databases
SIGMOD '98 Proceedings of the 1998 ACM SIGMOD international conference on Management of data
Conflicts in Policy-Based Distributed Systems Management
IEEE Transactions on Software Engineering
Discovery of Frequent Episodes in Event Sequences
Data Mining and Knowledge Discovery
Probabilistic Alert Correlation
RAID '00 Proceedings of the 4th International Symposium on Recent Advances in Intrusion Detection
Hi-index | 0.00 |
Architecture of the policy-based network management has a hierarchical structure that consists of management layer and enforcement layer. A security policy server in the management layer should be able to generate new policy, delete, update the existing policy and decide the policy when security policy is requested. Therefore the security policy server must analyze and manage alert messages received from policy enforcement system. In this paper, we propose an alert analyzer with data mining engine. It is a helpful system to manage the fault users or hosts. The implemented mining system supports the alert analyzer and the high level analyzer efficiently for the security policy management.