Real-time intrusion detection alert correlation and attack scenario extraction based on the prerequisite-consequence approach

Authors: Zeinab Zali, Massoud Reza Hashemi, Hossein Saidi

Publication date: 2012/1/1

Volume: 4

Issue: 2

Pages: 125-136

Abstract:

Alert correlation systems attempt to discover the relations among alerts produced by one or more intrusion detection systems to determine the attack scenarios and their main motivations. In this paper a new IDS alert correlation method is proposed that can be used to detect attack scenarios in real-time.

Real-time intrusion detection alert correlation and attack scenario extraction based on the prerequisite-consequence approach

Z Zali, MR Hashemi, H Saidi - 2012

Cited by 17 Related articles All 4 versions