Intrusion alert correlation is a multi-step process that receives alerts from heterogeneous log resources as input and produces a high-level description of the malicious activity on the network. The objective of this study is to analyse the current alert correlation techniques and identify the significant criteria in each technique that can address Intrusion Detection System (IDS) problems such as proneness to alert flooding, contextual problems, false alerts and scalability. The existing alert correlation techniques were reviewed and analysed. From the analysis, six capability criteria have been identified to improve the current alert correlation techniques. They are the capability to do alert reduction, alert clustering, identify multi-step att...
Abstract—Intrusion Detection Systems (IDS) have been widely deployed in practice for detecting malic...
The most glaring and undeniable implementation issue since the very beginning of the IDS technology ...
An intrusion detection system (IDS) performs post-compromise detection of security breaches whenever p...
Intrusion alert correlation is multi-step processes that receives alerts from heterogeneous log reso...
Alert correlation is a process that analyses the alerts produced by one or more diverse devices and ...
An alert correlation is a high-level alert evaluation technique for managing large volumes of irrele...
Alert correlation is a process that analyzes the alerts produced by one or more intrusion detection ...
Alert correlation is a process that analyzes the raw alerts produced by one or more intrusion detect...
Several alert correlation methods were proposed in the past several years to construct high-level at...
An Intrusion Detection System (IDS) is one of the major techniques for securing information systems ...
Abstract. Alert correlation is a system which receives alerts from heterogeneous Intrusion Detectio...
Management of intrusion alarms particularly in identifying malware attack is becoming more demanding...
Alert correlation is a process that analyzes the raw alerts produced by one or more intrusion detect...
The use of an Intrusion Detection System (IDS) as a security perimeter tool has many advantages but ...
Network Intrusion Detection Systems (NIDS) are designed to safeguard the security needs of enterpris...