Alert Aggregation and Generating Reports in Intrusion Detection Systems
Intrusion Detection Systems (IDS) are now used in many areas and have become an important tool for information security. Generally, an IDS monitors the network, finds attacks, and reports them to the administrator in system logs. In this paper, the authors propose a technique that groups similar alerts into a meta-alert and chooses a response mechanism (block IP, shutdown, etc.) for the user whenever an attack is generated; this response information is stored in log files.
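The pipeline the abstract describes (group similar alerts, emit a meta-alert, choose a response, log it) can be sketched as follows. This is an added example, not the authors' code: the similarity key (same attack class and source IP within a 60-second gap), the response table, the field names, and the sample alerts are all assumptions made for illustration.

```python
import json

# Constructed sample alerts (not from the paper): ts in seconds.
SAMPLE_ALERTS = [
    {"ts": 100, "attack": "port_scan", "src": "203.0.113.7", "dst": "10.0.0.5"},
    {"ts": 104, "attack": "port_scan", "src": "203.0.113.7", "dst": "10.0.0.6"},
    {"ts": 109, "attack": "port_scan", "src": "203.0.113.7", "dst": "10.0.0.5"},
    {"ts": 400, "attack": "port_scan", "src": "203.0.113.7", "dst": "10.0.0.9"},
    {"ts": 105, "attack": "syn_flood", "src": "198.51.100.22", "dst": "10.0.0.5"},
]

# Assumed policy table: response mechanism chosen per attack class.
RESPONSES = {"port_scan": "block_ip", "syn_flood": "shutdown"}

def aggregate(alerts, window=60):
    """Merge alerts sharing (attack, src) while the gap between them is <= window."""
    open_meta = {}  # (attack, src) -> meta-alert still collecting alerts
    metas = []
    for a in sorted(alerts, key=lambda x: x["ts"]):
        key = (a["attack"], a["src"])
        m = open_meta.get(key)
        if m is None or a["ts"] - m["last_ts"] > window:
            # No open group, or the previous one went quiet: start a new meta-alert.
            m = {"attack": a["attack"], "src": a["src"], "first_ts": a["ts"],
                 "last_ts": a["ts"], "count": 0, "targets": set()}
            open_meta[key] = m
            metas.append(m)
        m["last_ts"] = a["ts"]
        m["count"] += 1
        m["targets"].add(a["dst"])
    return metas

def respond(meta, default="notify_admin"):
    """Pick the response for a meta-alert; unknown classes fall back to default."""
    return RESPONSES.get(meta["attack"], default)

def log_lines(metas):
    """One JSON log line per meta-alert, recording the chosen response."""
    lines = []
    for m in metas:
        rec = dict(m, targets=sorted(m["targets"]), response=respond(m))
        lines.append(json.dumps(rec, sort_keys=True))
    return lines

if __name__ == "__main__":
    for line in log_lines(aggregate(SAMPLE_ALERTS)):
        print(line)
```

Five raw alerts collapse to three log lines here, and the late scan at ts=400 opens a new meta-alert instead of extending the first one, which keeps a long-running source from hiding inside a single stale group.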