Design and Implementation of A Distributed IDS Alert Aggregation Model

机译：分布式IDS警报聚集模型的设计与实现

获取原文

获取原文并翻译 | 示例

页面导航

摘要
著录项
相似文献
相关主题

摘要

How to aggregate and reduce duplicated alerts from different IDSs is one of the most important problems in distributed IDS research area. The article proposes a distributed alert aggregation model composed of local components and network components. Local components transform raw alerts originating from traditional IDSs to IDMEF-based alerts with uniform format, which are sent to network components. Network components aggregate similar alerts into a meta-alert, using an aggregation algorithm based on category and feature similarity. A subscription-based communication mechanism is and multiple kinds of messages are also proposed to meet the demands of the communication between the components and to realize information share in the whole network. Experiments on DARPA99 data set indicated the effectiveness of the model.

机译：如何汇总和减少来自不同IDS的重复警报是分布式IDS研究领域中最重要的问题之一。本文提出了一种由本地组件和网络组件组成的分布式警报聚合模型。本地组件将源自传统IDS的原始警报转换为统一格式的基于IDMEF的警报，并将其发送到网络组件。网络组件使用基于类别和功能相似性的聚合算法将类似的警报汇总到一个元警报中。基于订阅的通信机制是这样的，并且还提出了多种消息，以满足组件之间的通信需求，并在整个网络中实现信息共享。 DARPA99数据集上的实验表明了该模型的有效性。

著录项

来源
《第四届国际计算机新科技与教育学术会议(2009 4th International Conference on Computer Science Education)论文集》|2009年|975-980|共6页
会议地点 Nanning(CN)
作者
Guo Fan; Ye JiHua; Yu Min;
展开▼
作者单位

College of Computer Information Engineering, Jiangxi Normal University Nanchang, China;

College of Computer Information Engineering, Jiangxi Normal University Nanchang, China;

College of Computer Information Engineering, Jiangxi Normal University Nanchang, China;

展开▼
会议组织
原文格式 PDF
正文语种 eng
中图分类计算技术、计算机技术;
关键词
IDS; Alert Aggregation; Feature Similarity;

机译：IDS;警报聚合;特征相似度;

相似文献

外文文献
中文文献
专利

1. Cyber-Physical Design and Implementation of Distributed Event-Triggered Secondary Control in Islanded Microgrids [J] . Wang Yu, Tung Lam Nguyen, Xu Yan, IEEE Transactions on Industry Applications . 2019,第6期

机译：孤岛微电网中分布式事件触发的二次控制的网络物理设计与实现
2. The routine design-modular distributed modeling platform for distributed routine design and simulation-based testing of distributed assemblies [J] . M. TANER ESKIL, JON STICKLEN, CLARK RADCLIFFE Artificial Intelligence for Engineering Design, Analysis & Manufacturing . 2008,第1期

机译：例程设计-模块化分布式建模平台，用于分布式例程设计和基于仿真的分布式装配体测试
3. Design and implementation of a distributed computing environment model for object-oriented networks programming [J] . Li Chunlin, Lu Zhengding, Li Layuan Computer Communications . 2002,第5期

机译：面向对象网络编程的分布式计算环境模型的设计与实现
4. Design and implementation of a distributed IDS alert aggregation model [C] . International Conference on Computer Science and Education . 2009

机译：分布式IDS警报聚合模型的设计与实现
5. Design, implementation, and performance evaluation of a new ADSL link aggregation model. [D] . Edeen, Daniel Jay. 2005

机译：一种新的ADSL链路聚合模型的设计，实现和性能评估。
6. Design Implementation and Power Analysis of Pervasive Adaptive Resourceful Smart Lighting and Alerting Devices in Developing Countries Supporting Incandescent and LED Light Bulbs [O] . Preethi Sambandam Raju, Murugan Mahalingam, Revathi Arumugam Rajendran 2019

机译：发展中国家普遍支持白炽灯和LED灯泡的自适应资源智能照明和警报设备的设计实施和功率分析
7. A framework for correlation and aggregation of security alerts in communication networks. A reasoning correlation and aggregation approach to detect multi-stage attack scenarios using elementary alerts generated by Network Intrusion Detection Systems (NIDS) for a global security perspective. [O] . Alserhani Faeiz 2011

机译：通信网络中安全警报的关联和聚合框架。一种推理相关和聚合方法，可使用网络入侵检测系统（NIDS）生成的基本警报来检测多阶段攻击情形，以实现全球安全性。

Design and Implementation of A Distributed IDS Alert Aggregation Model

摘要

著录项

相似文献

相关主题

期刊订阅