Alert Correlation Technique Analysis For Diverse Log
Alert correlation is a process that analyses the alerts produced by one or more diverse devices and provides a more succinct and high-level view of occurring or attempted intrusions. The objective of this study is to analyse the current alert correlation technique and identify the significant criter...
Saved in:
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Language: | en |
| Published: |
Universiti Teknikal Malaysia Melaka
2008
|
| Subjects: | |
| Online Access: | http://eprints.utem.edu.my/id/eprint/58/1/07-%2865-76%29.pdf http://eprints.utem.edu.my/id/eprint/58/ http://jamt.utem.edu.my/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1832715927747035136 |
|---|---|
| author | Yusof, R. Selamat, S. R. Sahib, S. Abdollah, M. F. |
| author_facet | Yusof, R. Selamat, S. R. Sahib, S. Abdollah, M. F. |
| author_sort | Yusof, R. |
| building | UTEM Library |
| collection | Institutional Repository |
| content_provider | Universiti Teknikal Malaysia Melaka |
| content_source | UTEM Institutional Repository |
| continent | Asia |
| country | Malaysia |
| description | Alert correlation is a process that analyses the alerts produced by one or more diverse devices and provides a more succinct and high-level view of occurring or attempted intrusions. The objective of this study is to analyse the current alert correlation technique and identify the significant criteria in each technique that can improve the Intrusion Detection System IDS) problem such as prone to alert flooding, contextual problem, false alert and scalability. The existing alert correlation techniques had been reviewed and analysed. From the analysis, six capability criteria have been identified to improve the current alert correlation techniques which are capability to do alert reduction, alert clustering, identify multi-step attack,reduce false alert, detect known attack and detect unknown attack and technique’s combination is proposed. |
| format | Article |
| id | my.utem.eprints-58 |
| institution | Universiti Teknikal Malaysia Melaka |
| language | en |
| publishDate | 2008 |
| publisher | Universiti Teknikal Malaysia Melaka |
| record_format | eprints |
| spelling | my.utem.eprints-582021-09-19T16:40:22Z http://eprints.utem.edu.my/id/eprint/58/ Alert Correlation Technique Analysis For Diverse Log Yusof, R. Selamat, S. R. Sahib, S. Abdollah, M. F. Q Science (General) Alert correlation is a process that analyses the alerts produced by one or more diverse devices and provides a more succinct and high-level view of occurring or attempted intrusions. The objective of this study is to analyse the current alert correlation technique and identify the significant criteria in each technique that can improve the Intrusion Detection System IDS) problem such as prone to alert flooding, contextual problem, false alert and scalability. The existing alert correlation techniques had been reviewed and analysed. From the analysis, six capability criteria have been identified to improve the current alert correlation techniques which are capability to do alert reduction, alert clustering, identify multi-step attack,reduce false alert, detect known attack and detect unknown attack and technique’s combination is proposed. Universiti Teknikal Malaysia Melaka 2008-07 Article NonPeerReviewed text en http://eprints.utem.edu.my/id/eprint/58/1/07-%2865-76%29.pdf Yusof, R. and Selamat, S. R. and Sahib, S. and Abdollah, M. F. (2008) Alert Correlation Technique Analysis For Diverse Log. Journal of Advanced Manufacturing Technology, 2 (2). pp. 65-76. ISSN 1985-3157 July-December 2008 http://jamt.utem.edu.my/ |
| spellingShingle | Q Science (General) Yusof, R. Selamat, S. R. Sahib, S. Abdollah, M. F. Alert Correlation Technique Analysis For Diverse Log |
| title | Alert Correlation Technique Analysis For Diverse Log |
| title_full | Alert Correlation Technique Analysis For Diverse Log |
| title_fullStr | Alert Correlation Technique Analysis For Diverse Log |
| title_full_unstemmed | Alert Correlation Technique Analysis For Diverse Log |
| title_short | Alert Correlation Technique Analysis For Diverse Log |
| title_sort | alert correlation technique analysis for diverse log |
| topic | Q Science (General) |
| url | http://eprints.utem.edu.my/id/eprint/58/1/07-%2865-76%29.pdf http://eprints.utem.edu.my/id/eprint/58/ http://jamt.utem.edu.my/ |
| url_provider | http://eprints.utem.edu.my/ |