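% Conference paper (CSO 2012) proposing adaptive aggregation of repetitive
% IDS alerts ahead of further alert processing and intrusion response.
% The citation key looks exporter-generated; it is kept unchanged so that
% existing \cite commands still resolve.
% The exported `series` field repeated `booktitle` verbatim (a proceedings
% title is not a series) and has been dropped to avoid duplicated output.
@inproceedings{e39db7b6e9984ae983fe2f87357e5b75,
  author    = {Mu, Chengpo and Shuai, Bing},
  title     = {Research on preprocessing technique of alert aggregation},
  booktitle = {Proceedings of the 2012 5th International Joint Conference on Computational Sciences and Optimization, {CSO} 2012},
  year      = {2012},
  pages     = {597--600},
  doi       = {10.1109/CSO.2012.136},
  isbn      = {9780769546902},
  language  = {English},
  keywords  = {Alert aggregation, Alert processing, Intrusion detection, Intrusion response},
  abstract  = {In order to solve the problems caused by repetitive IDS alerts, an adaptive alert aggregation approach is proposed in this paper. According to the corresponding alert types, the stay times of aggregate alerts in the buffer area can be adjusted automatically so that the repetitive alerts can be aggregated effectively. The experimental results indicate that by using the adaptive alert aggregation model, the problems caused by repetitive alerts are solved, and a balance between alert amount and alert type is achieved at the same time. As a result, the adaptive alert aggregation approach not only can provide a strong support for the further alert processing in IDAM \& IRS but also can balance the speed and security of a network system.},
  note      = {2012 5th International Joint Conference on Computational Sciences and Optimization, CSO 2012 ; Conference date: 23-06-2012 Through 26-06-2012},
}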