Enriching Alert Analysis and Threat Evaluation Techniques in Network Situation Awareness (NSA)
A network is a connection of devices, where each node (device) has a wired or wireless connection to the others. Nowadays, most threats reach the network either from outside or from situations that arise internally for many reasons. The intrusions or threats that arise from these situations are generally more damaging than normal ones. This paper presents a technique for analyzing the alerts raised by an IDS in the authors' network system. The authors analyze intrusions reported by an IDS such as Snort or many others, using algorithms such as correlation of isolated alerts into alert pairs and attack graph generation.