Alert Aggregation and Generating Reports in Intrusion Detection Systems

Nowadays, Intrusion Detection Systems (IDS) are used in many areas and have become an important tool for information security. Generally, an IDS is used to monitor the network, find attacks, and report them to the administrator in system logs. In this paper, the authors propose a technique that groups similar alerts to generate a meta-alert, chooses a response mechanism (block IP, shutdown, etc.) for the user whenever an attack is generated, and stores this response information in log files.

Provided by: International Journal on Computer Science and Technology (IJCST)
Topic: Security
Date Added: Dec 2012
Format: PDF
