Provided by: International Journal of Computer Science and Communication Networks (IJCSCN)
Topic: Data Management
Date Added: Jul 2012
Aware aggregation is an important subtask of Imposition detection. The goal is to identify and to cluster different awares produced by low-level Imposition detection systems, firewalls, etc. Belonging to a specific attack instance which has been initiated by an attacker at a certain point in time. Thus, meta-awares can be generated for the clusters that contain all the relevant information whereas the amount of data (i.e., awares) can be reduced substantially. Meta-awares may then be the basis for reporting to security experts or for communication within a distributed Imposition detection system.