International Journal of Advanced Research in Computer Science and Software Engineering (IJARCSSE)
Security plays an important role in IT systems, and intrusion detection systems (IDSs) can be used to secure a network. Existing IDSs such as Firewall and Snort produce a huge number of alerts as they monitor network flows. Because the alerts are so numerous, the network administrator may struggle to identify the exact problem. In this paper, the authors propose a framework that aggregates alerts and generates a small number of meta-alerts. Network personnel can understand these meta-alerts quickly and make decisions immediately. The framework uses a data stream version of the maximum likelihood approach. The experimental results show that the framework is very useful and can be used in real-world networks.
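The following sketch illustrates streaming alert aggregation with incrementally updated maximum likelihood estimates. It is an example added here, not the paper's framework or code. The alert fields, the smoothed categorical model, the constants and the sample alerts are all assumptions constructed for illustration.

```python
import math
from collections import Counter

FIELDS = ("src", "dst", "sig")  # assumed alert attributes
ALPHA, VOCAB = 0.1, 10          # assumed smoothing constant and values per field
NEW_META_LOGLIK = -5.0          # assumed threshold below which a new meta-alert opens

class MetaAlert:
    """One aggregate: independent categorical distributions kept as running counts."""
    def __init__(self):
        self.n = 0
        self.counts = {f: Counter() for f in FIELDS}

    def loglik(self, alert):
        # log P(alert | this meta-alert) with additive smoothing for unseen values
        return sum(math.log((self.counts[f][alert[f]] + ALPHA) / (self.n + ALPHA * VOCAB))
                   for f in FIELDS)

    def add(self, alert):
        # The ML estimate of a categorical is a frequency, so one pass over the stream suffices
        self.n += 1
        for f in FIELDS:
            self.counts[f][alert[f]] += 1

    def summary(self):
        top = {f: self.counts[f].most_common(1)[0][0] for f in FIELDS}
        return {**top, "count": self.n}

def aggregate(stream):
    """Assign each alert to its most likely meta-alert, or open a new one."""
    metas = []
    for alert in stream:
        best = max(metas, key=lambda m: m.loglik(alert), default=None)
        if best is None or best.loglik(alert) < NEW_META_LOGLIK:
            best = MetaAlert()
            metas.append(best)
        best.add(alert)
    return metas

def _a(src, dst, sig):
    return {"src": src, "dst": dst, "sig": sig}

# Constructed sample: two interleaved activities, seven raw alerts
SAMPLE_ALERTS = [
    _a("203.0.113.7", "10.0.0.5", "ssh-bruteforce"), _a("198.51.100.9", "10.0.0.8", "sqli-attempt"),
    _a("203.0.113.7", "10.0.0.5", "ssh-bruteforce"), _a("203.0.113.7", "10.0.0.6", "ssh-bruteforce"),
    _a("198.51.100.9", "10.0.0.8", "sqli-attempt"), _a("203.0.113.7", "10.0.0.5", "ssh-bruteforce"),
    _a("198.51.100.9", "10.0.0.8", "sqli-attempt"),
]

if __name__ == "__main__":
    for m in aggregate(SAMPLE_ALERTS):
        print(m.summary())
```

In this sample the seven raw alerts collapse into two meta-alerts, and the alert aimed at a second destination still joins the first aggregate because two of its three fields match.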