Historical Alert Analysis in Host-based Intrusion Detection, M.Sc. Thesis Sharif University of Technology ; Abolhassani, Hassan (Supervisor)
Abstract
In the last decade, Intrusion Detection Systems have attracted attention due to their importance in network security, but they still have shortcomings. Generating a lot of low-level alerts is the main problem. Many of these alerts are actually false positives. One suggested solution is Alert Correlation Analysis. Because of false positives, alert correlation techniques are not able to build accurate scenarios, but the accuracy of alerts can be verified with the aid of the information logged in the host systems. In this dissertation, after surveying the current alert correlation techniques, a model will be introduced to effectively verify the generated alerts and to apply correlation techniques to...