Approach based on rough set theory in aggregating alerts of cooperative intrusion detection system

Feng Liu; Changzhen Hu; Yanmin Shuai

Approach based on rough set theory in aggregating alerts of cooperative intrusion detection system

Feng Liu^*, Changzhen Hu, Yanmin Shuai

^*Corresponding author for this work

School of Cyberspace Science and Technology

Research output: Contribution to journal › Article › peer-review

Abstract

In this paper three light-weighted detectors have been developed in order to protect the key host. Alerts from each detector have been aggregated and correlated in the spatio-temporal space. Due to the uncertainty in describing attacks, the rough set theory has been applied into the aggregation of alerts in the spatial space. Experiments show that this way can not only reduce the amount of futile and repetitive alerts but also increase the detection rate.

Original language	English
Pages (from-to)	27-28+210
Journal	Jisuanji Gongcheng/Computer Engineering
Volume	31
Issue number	7
Publication status	Published - 5 Apr 2005

Keywords

Cooperative Intrusion detection system
Network security
Rough set theory

Cite this

@article{4ed910cc3bf444b59a592158665f6955,

title = "Approach based on rough set theory in aggregating alerts of cooperative intrusion detection system",

abstract = "In this paper three light-weighted detectors have been developed in order to protect the key host. Alerts from each detector have been aggregated and correlated in the spatio-temporal space. Due to the uncertainty in describing attacks, the rough set theory has been applied into the aggregation of alerts in the spatial space. Experiments show that this way can not only reduce the amount of futile and repetitive alerts but also increase the detection rate.",

keywords = "Cooperative Intrusion detection system, Network security, Rough set theory",

author = "Feng Liu and Changzhen Hu and Yanmin Shuai",

year = "2005",

month = apr,

day = "5",

language = "English",

volume = "31",

pages = "27--28+210",

journal = "Jisuanji Gongcheng/Computer Engineering",

issn = "1000-3428",

publisher = "Shanghai Jisuanji Xuehui/Shanghai Computer Society",

number = "7",

}

TY - JOUR

T1 - Approach based on rough set theory in aggregating alerts of cooperative intrusion detection system

AU - Liu, Feng

AU - Hu, Changzhen

AU - Shuai, Yanmin

PY - 2005/4/5

Y1 - 2005/4/5

N2 - In this paper three light-weighted detectors have been developed in order to protect the key host. Alerts from each detector have been aggregated and correlated in the spatio-temporal space. Due to the uncertainty in describing attacks, the rough set theory has been applied into the aggregation of alerts in the spatial space. Experiments show that this way can not only reduce the amount of futile and repetitive alerts but also increase the detection rate.

AB - In this paper three light-weighted detectors have been developed in order to protect the key host. Alerts from each detector have been aggregated and correlated in the spatio-temporal space. Due to the uncertainty in describing attacks, the rough set theory has been applied into the aggregation of alerts in the spatial space. Experiments show that this way can not only reduce the amount of futile and repetitive alerts but also increase the detection rate.

KW - Cooperative Intrusion detection system

KW - Network security

KW - Rough set theory

UR - http://www.scopus.com/inward/record.url?scp=17944371511&partnerID=8YFLogxK

M3 - Article

AN - SCOPUS:17944371511

SN - 1000-3428

VL - 31

SP - 27-28+210

JO - Jisuanji Gongcheng/Computer Engineering

JF - Jisuanji Gongcheng/Computer Engineering

IS - 7

ER -

Approach based on rough set theory in aggregating alerts of cooperative intrusion detection system

Abstract

Keywords

Other files and links

Fingerprint

Cite this