Approach based on rough set theory in aggregating alerts of cooperative intrusion detection system

Feng Liu; Changzhen Hu; Yanmin Shuai

Approach based on rough set theory in aggregating alerts of cooperative intrusion detection system

Feng Liu^*, Changzhen Hu, Yanmin Shuai

^*此作品的通讯作者

网络空间安全学院

科研成果: 期刊稿件 › 文章 › 同行评审

摘要

In this paper three light-weighted detectors have been developed in order to protect the key host. Alerts from each detector have been aggregated and correlated in the spatio-temporal space. Due to the uncertainty in describing attacks, the rough set theory has been applied into the aggregation of alerts in the spatial space. Experiments show that this way can not only reduce the amount of futile and repetitive alerts but also increase the detection rate.

源语言	英语
页（从-至）	27-28+210
期刊	Jisuanji Gongcheng/Computer Engineering
卷	31
期	7
出版状态	已出版 - 5 4月 2005

其它文件与链接

链接到 Scopus 的出版物

引用此

@article{4ed910cc3bf444b59a592158665f6955,

title = "Approach based on rough set theory in aggregating alerts of cooperative intrusion detection system",

abstract = "In this paper three light-weighted detectors have been developed in order to protect the key host. Alerts from each detector have been aggregated and correlated in the spatio-temporal space. Due to the uncertainty in describing attacks, the rough set theory has been applied into the aggregation of alerts in the spatial space. Experiments show that this way can not only reduce the amount of futile and repetitive alerts but also increase the detection rate.",

keywords = "Cooperative Intrusion detection system, Network security, Rough set theory",

author = "Feng Liu and Changzhen Hu and Yanmin Shuai",

year = "2005",

month = apr,

day = "5",

language = "English",

volume = "31",

pages = "27--28+210",

journal = "Jisuanji Gongcheng/Computer Engineering",

issn = "1000-3428",

publisher = "Shanghai Jisuanji Xuehui/Shanghai Computer Society",

number = "7",

}

TY - JOUR

T1 - Approach based on rough set theory in aggregating alerts of cooperative intrusion detection system

AU - Liu, Feng

AU - Hu, Changzhen

AU - Shuai, Yanmin

PY - 2005/4/5

Y1 - 2005/4/5

N2 - In this paper three light-weighted detectors have been developed in order to protect the key host. Alerts from each detector have been aggregated and correlated in the spatio-temporal space. Due to the uncertainty in describing attacks, the rough set theory has been applied into the aggregation of alerts in the spatial space. Experiments show that this way can not only reduce the amount of futile and repetitive alerts but also increase the detection rate.

AB - In this paper three light-weighted detectors have been developed in order to protect the key host. Alerts from each detector have been aggregated and correlated in the spatio-temporal space. Due to the uncertainty in describing attacks, the rough set theory has been applied into the aggregation of alerts in the spatial space. Experiments show that this way can not only reduce the amount of futile and repetitive alerts but also increase the detection rate.

KW - Cooperative Intrusion detection system

KW - Network security

KW - Rough set theory

UR - http://www.scopus.com/inward/record.url?scp=17944371511&partnerID=8YFLogxK

M3 - Article

AN - SCOPUS:17944371511

SN - 1000-3428

VL - 31

SP - 27-28+210

JO - Jisuanji Gongcheng/Computer Engineering

JF - Jisuanji Gongcheng/Computer Engineering

IS - 7

ER -

Approach based on rough set theory in aggregating alerts of cooperative intrusion detection system

摘要

其它文件与链接

指纹

引用此