Intrusion detection is an important part of networked systems security protection. Although commercial products exist, finding intrusions has proven to be a difficult task with limitations under current techniques. Therefore, improved techniques are needed. We argue the need for correlating data among different logs to improve intrusion detection system accuracy. We show how different attacks are reflected in different logs and argue that some attacks are not evident when a single log is analyzed. We present experimental results using anomaly detection for the virus Yaha. Through the use of data mining tools (RIPPER) and correlation among logs we improve the effectiveness of an intrusion detection system while reducing false positives.
Keeping networks secure has never been such an imperative task as today. Threats come from hardware ...
Intrusion Detection Systems (IDS), designed during the early era of the Internet to protect against ...
Part 6: Monitoring Methods for Quality-of-Service and Security. The rapid develo...
Activity logs can be used for intrusion detection; however, most previous work on intrusion detecti...
Log data adapted for intrusion detection is a little explored research issue despite its importance ...
World Wide Web is widely accessed by people for accessing services, social networking and so on. All...
Log analysis is an efficient way to detect threats by scrutinizing the events recorded by the opera...
Generally, the intruder must perform several actions, organized in an intrusio...
Intrusion alert correlation is a multi-step process that receives alerts from heterogeneous log reso...
Network intrusion detection sensors are usually built around low level models of network traffic. Th...
The quality of log data is vital to the intrusion detection process. At the same time, it is very mu...
The detectors for watching, keeping and reporting records of digital activities that have the tenden...
The sheer number of different attack vectors and large amount of data produced by computer systems m...
Web applications are vulnerable to a variety of new security threats. SQL Injection Attacks (SQLIAs)...