Skip to main content
SpringerLink
Log in

An Intelligent Agent-Oriented System for Integrating Network Security Devices and Handling Large Amount of Security Events

  • Conference paper
Intelligence and Security Informatics (PAISI 2007)

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 4430))

Included in the following conference series:

Abstract

To integrate network security devices to make them act as a battle team and efficiently handle the large amount of security events produced by various network applications, Network Security Intelligent Centralized Management is a basic solution. In this paper, we introduce an intelligent agent-oriented Network Security Intelligent Centralized Management System, and give a description about the system model, mechanism, hierarchy of security events, data flow diagram, filtering and transaction and normalization of security events, clustering and merging algorithm, and correlation algorithm. The experiment shows that the system can significantly reduce false positives and improve the quality of security events. It brings convenience for security administrators to integrate security devices and deal with large security events.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Forte, D.V.: The ”Art” of log correlation. Computer Fraud and Security 2004(8), 15 (2004)

    Article  Google Scholar 

  2. Chuvakin, A.: Security event analysis through correlation. Information Systems Security 2004(13), 13 (2004)

    Article  Google Scholar 

  3. Debar, H., Wespi, A.: Aggregation and correlation of intrusion-detection alerts. In: Lee, W., Mé, L., Wespi, A. (eds.) RAID 2001. LNCS, vol. 2212, Springer, Heidelberg (2001)

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Sch. of Computer Sci. & tech., Huazhong University of Sci. & Tech., Wuhan 430074, China

    Yang-ming Ma, Zhi-tang Li, Jie Lei, Li Wang & Dong Li

Authors
  1. Yang-ming Ma
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Zhi-tang Li
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Jie Lei
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Li Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Dong Li
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Christopher C. Yang Daniel Zeng Michael Chau Kuiyu Chang Qing Yang Xueqi Cheng Jue Wang Fei-Yue Wang Hsinchun Chen

Rights and permissions

Reprints and permissions

Copyright information

© 2007 Springer Berlin Heidelberg

About this paper

Cite this paper

Ma, Ym., Li, Zt., Lei, J., Wang, L., Li, D. (2007). An Intelligent Agent-Oriented System for Integrating Network Security Devices and Handling Large Amount of Security Events. In: Yang, C.C., et al. Intelligence and Security Informatics. PAISI 2007. Lecture Notes in Computer Science, vol 4430. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-71549-8_37

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-71549-8_37

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-71548-1

  • Online ISBN: 978-3-540-71549-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation