Abstract
To address the high false-alarm and missed-alarm rates of a single piece of network security equipment, this paper proposes an alert event correlation algorithm based on attribute similarity. The algorithm is an application of clustering that measures the similarity of alert properties. Following the characteristics of different clustering methods, the method correlates alarm events.
Copyright information
© 2013 Springer-Verlag London
About this paper
Cite this paper
Wei, H. (2013). A Correlation Analysis Method for Network Security Events. In: Du, W. (eds) Informatics and Management Science III. Lecture Notes in Electrical Engineering, vol 206. Springer, London. https://doi.org/10.1007/978-1-4471-4790-9_35
DOI: https://doi.org/10.1007/978-1-4471-4790-9_35
Publisher Name: Springer, London
Print ISBN: 978-1-4471-4789-3
Online ISBN: 978-1-4471-4790-9
eBook Packages: Engineering (R0)