FRINK Linked Data Fragments server

Matches in SemOpenAlex for { <https://semopenalex.org/work/W1208582001> ?p ?o ?g. }

• W1208582001 endingPage "38" @default.
• W1208582001 startingPage "3" @default.
• W1208582001 abstract "In a complex network with intrusion detectionIntrusion detection and logging, a huge number of alerts and logs are generated to report the status of the network, servers, systems, and applications running on this network. The administrator(s) are required to analyze these pieces of information to generate an overview about the network, hacking attempts and vulnerable points within the network. Unfortunately, with the enormous number of alerts and recorded events that grows as the network grows, this task is almost impossible without an analysis and reporting model. Alerts and events correlation is a process in which the alerts produced by one or more intrusion detectionIntrusion detection systems and events generated from different systems and security tools are analyzed and correlated to provide a more succinct and high-level view of occurring or attempted intrusions and attacks. While the existing correlation techniques improve the intrusion detectionIntrusion detection results and reduce the huge number of alerts in a summarized report, they still have some drawbacks. This article presents a modular framework for a Distributed Agent Correlation Model (DACM) for intrusion detectionIntrusion detection alerts and events in computer networks. The framework supports the integration of multiple correlation techniques. It introduces a multi-agent distributed model in a hierarchical organization; correlates alerts from the IDS with attack signatures from information security tools and either system or application log files as other sources of information. The agent model is inspired by bio-distribution of cooperating members of a society to achieve a common goal. Each local agent aggregates/correlates events from its source according to a specific pattern matching. Correlation between multiple sources of information and the integration of these correlation agents together forms a complete integrated correlation system and reduces both false negative and false positive alerts, enhancing intrusion detectionIntrusion detection accuracy and completeness. The model has been implemented and tested using a set of datasets. Agents proposed models and algorithms have been implemented, analyzed, and evaluated to measure detection and correlation rates and the reduction rateReduction rate of false positive and false negative alerts. The results showed that DACM enhances both the accuracy and completeness of intrusion detectionIntrusion detection by reducing both false positive and false negative alerts; it also enhances the early detection new threats." @default.
• W1208582001 created "2016-06-24" @default.
• W1208582001 creator A5028850658 @default.
• W1208582001 date "2014-01-01" @default.
• W1208582001 modified "2023-10-14" @default.
• W1208582001 title "A Bio-inspired Comprehensive Distributed Correlation Approach for Intrusion Detection Alerts and Events" @default.
• W1208582001 cites W152061403 @default.
• W1208582001 cites W1549716092 @default.
• W1208582001 cites W1976559050 @default.
• W1208582001 cites W1994864447 @default.
• W1208582001 cites W1995205970 @default.
• W1208582001 cites W2018945390 @default.
• W1208582001 cites W2031047963 @default.
• W1208582001 cites W2035096021 @default.
• W1208582001 cites W2125752823 @default.
• W1208582001 cites W2130673717 @default.
• W1208582001 cites W2135172953 @default.
• W1208582001 cites W2141200504 @default.
• W1208582001 cites W2152449272 @default.
• W1208582001 cites W2170227914 @default.
• W1208582001 cites W2321752946 @default.
• W1208582001 cites W2546115434 @default.
• W1208582001 cites W2952336556 @default.
• W1208582001 cites W2962749883 @default.
• W1208582001 cites W2071838763 @default.
• W1208582001 doi "https://doi.org/10.1007/978-3-662-43616-5_1" @default.
• W1208582001 hasPublicationYear "2014" @default.
• W1208582001 type Work @default.
• W1208582001 sameAs 1208582001 @default.
• W1208582001 citedByCount "1" @default.
• W1208582001 countsByYear W12085820012017 @default.
• W1208582001 crossrefType "book-chapter" @default.
• W1208582001 hasAuthorship W1208582001A5028850658 @default.
• W1208582001 hasConcept C117220453 @default.
• W1208582001 hasConcept C124101348 @default.
• W1208582001 hasConcept C127313418 @default.
• W1208582001 hasConcept C158251709 @default.
• W1208582001 hasConcept C17409809 @default.
• W1208582001 hasConcept C2524010 @default.
• W1208582001 hasConcept C33923547 @default.
• W1208582001 hasConcept C35525427 @default.
• W1208582001 hasConcept C41008148 @default.
• W1208582001 hasConceptScore W1208582001C117220453 @default.
• W1208582001 hasConceptScore W1208582001C124101348 @default.
• W1208582001 hasConceptScore W1208582001C127313418 @default.
• W1208582001 hasConceptScore W1208582001C158251709 @default.
• W1208582001 hasConceptScore W1208582001C17409809 @default.
• W1208582001 hasConceptScore W1208582001C2524010 @default.
• W1208582001 hasConceptScore W1208582001C33923547 @default.
• W1208582001 hasConceptScore W1208582001C35525427 @default.
• W1208582001 hasConceptScore W1208582001C41008148 @default.
• W1208582001 hasLocation W12085820011 @default.
• W1208582001 hasOpenAccess W1208582001 @default.
• W1208582001 hasPrimaryLocation W12085820011 @default.
• W1208582001 hasRelatedWork W2018945390 @default.
• W1208582001 hasRelatedWork W2037496939 @default.
• W1208582001 hasRelatedWork W2355783318 @default.
• W1208582001 hasRelatedWork W2365508635 @default.
• W1208582001 hasRelatedWork W2366221835 @default.
• W1208582001 hasRelatedWork W2374211671 @default.
• W1208582001 hasRelatedWork W2385987727 @default.
• W1208582001 hasRelatedWork W2388271354 @default.
• W1208582001 hasRelatedWork W2394110669 @default.
• W1208582001 hasRelatedWork W2511503303 @default.
• W1208582001 isParatext "false" @default.
• W1208582001 isRetracted "false" @default.
• W1208582001 magId "1208582001" @default.
• W1208582001 workType "book-chapter" @default.