Artificial Immunity-Based Correlation System

Date Added: May 2011
Format: PDF

Security Information Event Management (SIEM) technologies focus on developing effective methods and tools to assist network administrators during the whole network security management. Though there is a vast number of novel initiatives and contributions in providing adaptiveness and intelligence in this research field, there are still many problems that need be solved. In particular, event correlation are currently emerging as an essential field to be optimized specially due to the widespread adoption of botnets to launch attacks. This position paper explores the biological immune system's characteristics of learning and memory to solve the automatic generation of event correlation rules by applying Artificial Immune Systems (AISs).