All

What are you looking for?

All
Projects
Results
Organizations

Quick search

  • Projects supported by TA ČR
  • Excellent projects
  • Projects with the highest public support
  • Current projects

Smart search

  • That is how I find a specific +word
  • That is how I leave the -word out of the results
  • “That is how I can find the whole phrase”
EN
ČeštinaEnglish

AIDA Framework: Real-Time Correlation and Prediction of Intrusion Detection Alerts

The result's identifiers

  • Result code in IS VaVaI

    <a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216224%3A14610%2F19%3A00109946" target="_blank" >RIV/00216224:14610/19:00109946 - isvavai.cz</a>

  • Result on the web

    <a href="https://dl.acm.org/doi/10.1145/3339252.3340513" target="_blank" >https://dl.acm.org/doi/10.1145/3339252.3340513</a>

  • DOI - Digital Object Identifier

    <a href="http://dx.doi.org/10.1145/3339252.3340513" target="_blank" >10.1145/3339252.3340513</a>

Alternative languages

  • Result language

    angličtina

  • Original language name

    AIDA Framework: Real-Time Correlation and Prediction of Intrusion Detection Alerts

  • Original language description

    In this paper, we present AIDA, an analytical framework for processing intrusion detection alerts with a focus on alert correlation and predictive analytics. The framework contains components that filter, aggregate, and correlate the alerts, and predict future security events using the predictive rules distilled from historical records. The components are based on stream processing and use selected features of data mining (namely sequential rule mining) and complex event processing. The framework was deployed as an analytical component of an alert sharing platform, where alerts from intrusion detection systems, honeypots, and other data sources are exchanged among the community of peers. The deployment is briefly described and evaluated to illustrate the capabilities of the framework in practice. Further, the framework may be deployed locally for experimentations over datasets.

  • Czech name

  • Czech description

Classification

  • Type

    D - Article in proceedings

  • CEP classification

  • OECD FORD branch

    10200 - Computer and information sciences

Result continuities

  • Project

    <a href="/en/project/EF16_019%2F0000822" target="_blank" >EF16_019/0000822: CyberSecurity, CyberCrime and Critical Information Infrastructures Center of Excellence</a><br>

  • Continuities

    P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)

Others

  • Publication year

    2019

  • Confidentiality

    S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Data specific for result type

  • Article name in the collection

    Proceedings of the 14th International Conference on Availability, Reliability and Security (ARES 2019)

  • ISBN

    9781450371643

  • ISSN

  • e-ISSN

  • Number of pages

    8

  • Pages from-to

    „81:1“-„81:8“

  • Publisher name

    ACM

  • Place of publication

    New York

  • Event location

    Canterbury

  • Event date

    Aug 26, 2019

  • Type of event by nationality

    WRD - Celosvětová akce

  • UT code for WoS article

    000552726400081

Similar results(10)

Predictive Cyber Situational Awareness and Personalized Blacklisting: A Sequential Rule Mining ApproachPredictions of Network Attacks in Collaborative EnvironmentSoftware pro inteligentní analýzu bezpečnostních událostí (iABU)