Other formats:
BibTeX
LaTeX
RIS
@inproceedings{36186,
  author = {Husák, Martin and Kašpar, Jaroslav},
  address = {New York},
  booktitle = {Proceedings of the 14th International Conference on Availability, Reliability and Security (ARES 2019)},
  keywords = {alert correlation;data mining;information sharing;intrusion detection;prediction},
  howpublished = {elektronická verze "online"},
  language = {eng},
  location = {New York},
  isbn = {978-1-4503-7164-3},
  pages = {"81:1"-"81:8"},
  publisher = {ACM},
  title = {AIDA Framework: Real-Time Correlation and Prediction of Intrusion Detection Alerts},
  url = {https://dl.acm.org/doi/10.1145/3339252.3340513},
  year = {2019}
}
TY - JOUR
ID - 36186
AU - Husák, Martin
AU - Kašpar, Jaroslav
PY - 2019
TI - AIDA Framework: Real-Time Correlation and Prediction of Intrusion Detection Alerts
PB - ACM
CY - New York
SN - 9781450371643
KW - alert correlation;data mining;information sharing;intrusion detection;prediction
UR - https://dl.acm.org/doi/10.1145/3339252.3340513
N2 - In this paper, we present AIDA, an analytical framework for processing intrusion detection alerts with a focus on alert correlation and predictive analytics. The framework contains components that filter, aggregate, and correlate the alerts, and predict future security events using the predictive rules distilled from historical records. The components are based on stream processing and use selected features of data mining (namely sequential rule mining) and complex event processing. The framework was deployed as an analytical component of an alert sharing platform, where alerts from intrusion detection systems, honeypots, and other data sources are exchanged among the community of peers. The deployment is briefly described and evaluated to illustrate the capabilities of the framework in practice. Further, the framework may be deployed locally for experimentations over datasets.
ER -
HUSÁK, Martin and Jaroslav KAŠPAR. AIDA Framework: Real-Time Correlation and Prediction of Intrusion Detection Alerts. Online. In \textit{Proceedings of the 14th International Conference on Availability, Reliability and Security (ARES 2019)}. New York: ACM, 2019, pp.~''81:1''-''81:8'', 8 pp. ISBN~978-1-4503-7164-3.