Alert Aggregation and Generating Reports in Intrusion Detection Systems

Provided by: International Journal on Computer Science and Technology (IJCST)
Topic: Security
Format: PDF
Nowadays, Intrusion Detection Systems (IDS) are used in many areas and have become an important tool for information security. Generally, an IDS is used to monitor the network, find attacks, and report them to the administrator in system logs. In this paper, the authors propose a technique that groups similar types of alerts to generate a meta-alert and chooses a response mechanism (block IP, shutdown, etc.) for the user whenever an attack is generated; this response information is stored in log files.
