An Analysis of Correlations of Intrusion Alerts in an NREN
The result's identifiers
Result code in IS VaVaI
RIV/63839172:_____/14:10130412 - isvavai.cz (https://www.isvavai.cz/riv?ss=detail&h=RIV%2F63839172%3A_____%2F14%3A10130412)
Alternative codes found
RIV/00216305:26230/14:PU111937
Result on the web
http://dx.doi.org/10.1109/CAMAD.2014.7033255
DOI - Digital Object Identifier
10.1109/CAMAD.2014.7033255
Alternative languages
Result language
English
Original language name
An Analysis of Correlations of Intrusion Alerts in an NREN
Original language description
The ever-increasing impact and number of network attacks have driven many organizations to deploy various network monitoring and analysis systems such as honeypots, intrusion detection systems, log analyzers and flow monitors. Besides improving these systems, a logical next step is to collect and correlate alerts from multiple systems distributed across organizations. The idea is to leverage the joint effect of multiple monitoring systems to build a more robust and efficient system, ideally lacking the shortcomings of the individual contributing systems. This paper presents an analysis of alert reports gathered from several such detectors deployed in a national research and education network (NREN). The analysis focuses on the correlations of reported events in the temporal domain as well as on the correlations of different event types.
Czech name
—
Czech description
—
Classification
Type
D - Article in proceedings
CEP classification
IN - Informatics
OECD FORD branch
—
Result continuities
Project
Result was created during the realization of more than one project. More information in the Projects tab.
Continuities
P - Research and development project financed from public funds (with a link to CEP)
Others
Publication year
2014
Confidentiality
S - Complete and true data on the project are not subject to protection under special legal regulations
Data specific for result type
Article name in the collection
2014 IEEE 19th International Workshop on Computer Aided Modeling and Design of Communication Links and Networks (CAMAD)
ISBN
978-1-4799-5725-5
ISSN
—
e-ISSN
—
Number of pages
5
Pages from-to
305-309
Publisher name
IEEE
Place of publication
Athens, Greece
Event location
Athens, Greece
Event date
Dec 1, 2014
Type of event by nationality
WRD - Worldwide event
UT code for WoS article
—