FRINK Linked Data Fragments server

Matches in SemOpenAlex for { <https://semopenalex.org/work/W2324169864> ?p ?o ?g. }

• W2324169864 endingPage "50" @default.
• W2324169864 startingPage "35" @default.
• W2324169864 abstract "Previous work introduced the idea of grouping alerts at a Hamming distance of 1 to achieve lossless alert aggregation; such aggregated meta-alerts were shown to increase alert interpretability. However, a mean of 84023 daily Snort alerts were reduced to a still formidable 14099 meta-alerts. In this work, we address this limitation by investigating several approaches that all contribute towards reducing the burden on the analyst and providing timely analysis. We explore minimizing the number of both alerts and data elements by aggregating at Hamming distances greater than 1. We show how increasing bin sizes can improve aggregation rates. And we provide a new aggregation algorithm that operates up to an order of magnitude faster at Hamming distance 1. Lastly, we demonstrate the broad applicability of this approach through empirical analysis of Windows security alerts, Snort alerts, netflow records, and DNS logs. The result is a reduction in the cognitive load on analysts by minimizing the overall number of alerts and the number of data elements that need to be reviewed in order for an analyst to evaluate the set of original alerts." @default.
• W2324169864 created "2016-06-24" @default.
• W2324169864 creator A5033809782 @default.
• W2324169864 creator A5038083931 @default.
• W2324169864 date "2014-09-30" @default.
• W2324169864 modified "2023-09-25" @default.
• W2324169864 title "Reducing the Cognitive Load on Analysts through Hamming Distance Based Alert Aggregation" @default.
• W2324169864 cites W1024175129 @default.
• W2324169864 cites W1278625838 @default.
• W2324169864 cites W1483760347 @default.
• W2324169864 cites W1495304983 @default.
• W2324169864 cites W1502081912 @default.
• W2324169864 cites W1536395052 @default.
• W2324169864 cites W1582506709 @default.
• W2324169864 cites W1587595544 @default.
• W2324169864 cites W1674877186 @default.
• W2324169864 cites W1684452600 @default.
• W2324169864 cites W1969665089 @default.
• W2324169864 cites W1977513037 @default.
• W2324169864 cites W2079557269 @default.
• W2324169864 cites W2096545824 @default.
• W2324169864 cites W2113777721 @default.
• W2324169864 cites W2157054705 @default.
• W2324169864 cites W2962749883 @default.
• W2324169864 cites W3145128584 @default.
• W2324169864 cites W2613445831 @default.
• W2324169864 doi "https://doi.org/10.5121/ijnsa.2014.6503" @default.
• W2324169864 hasPublicationYear "2014" @default.
• W2324169864 type Work @default.
• W2324169864 sameAs 2324169864 @default.
• W2324169864 citedByCount "0" @default.
• W2324169864 crossrefType "journal-article" @default.
• W2324169864 hasAuthorship W2324169864A5033809782 @default.
• W2324169864 hasAuthorship W2324169864A5038083931 @default.
• W2324169864 hasBestOaLocation W23241698641 @default.
• W2324169864 hasConcept C11413529 @default.
• W2324169864 hasConcept C15744967 @default.
• W2324169864 hasConcept C169760540 @default.
• W2324169864 hasConcept C169900460 @default.
• W2324169864 hasConcept C193319292 @default.
• W2324169864 hasConcept C41008148 @default.
• W2324169864 hasConcept C61641136 @default.
• W2324169864 hasConceptScore W2324169864C11413529 @default.
• W2324169864 hasConceptScore W2324169864C15744967 @default.
• W2324169864 hasConceptScore W2324169864C169760540 @default.
• W2324169864 hasConceptScore W2324169864C169900460 @default.
• W2324169864 hasConceptScore W2324169864C193319292 @default.
• W2324169864 hasConceptScore W2324169864C41008148 @default.
• W2324169864 hasConceptScore W2324169864C61641136 @default.
• W2324169864 hasIssue "5" @default.
• W2324169864 hasLocation W23241698641 @default.
• W2324169864 hasLocation W23241698642 @default.
• W2324169864 hasOpenAccess W2324169864 @default.
• W2324169864 hasPrimaryLocation W23241698641 @default.
• W2324169864 hasRelatedWork W2002469139 @default.
• W2324169864 hasRelatedWork W2102953887 @default.
• W2324169864 hasRelatedWork W2130932627 @default.
• W2324169864 hasRelatedWork W2183783065 @default.
• W2324169864 hasRelatedWork W2366388811 @default.
• W2324169864 hasRelatedWork W2366609647 @default.
• W2324169864 hasRelatedWork W2604597307 @default.
• W2324169864 hasRelatedWork W2922070252 @default.
• W2324169864 hasRelatedWork W2956049201 @default.
• W2324169864 hasRelatedWork W3125352866 @default.
• W2324169864 hasVolume "6" @default.
• W2324169864 isParatext "false" @default.
• W2324169864 isRetracted "false" @default.
• W2324169864 magId "2324169864" @default.
• W2324169864 workType "article" @default.