10 citations found.
Julisch, K. 2001. Mining alarm clusters to improve alarm handling efficiency. In Proceedings of the 17th Annual Computer Security Applications Conference (ACSAC). 12--21.

This paper is cited in the following contexts:
Mining Intrusion Detection Alarms for Actionable Knowledge - Julisch, Dacier (2002)   (9 citations)  Self-citation (Julisch)   (Correct)

....a computer system. IDSs trigger alarms when they detect signs of security violations. The response to such security incidents is site dependent, but typically includes law suits, firewall reconfigurations, and the fixing of discovered vulnerabilities. Practitioners [9, 33] as well as researchers [8, 11, 30] have observed that IDSs can easily trigger thousands of alarms ....

....in this work, whereas bounding this risk is central to our approach. Clifton and Gengo [11] use episode mining to guide the construction of custom made filtering rules. Although Section 4 pursues the same idea, it offers new insights into the value of this approach. Also related is our earlier work [30], which introduces the clustering technique of Section 5. Here, we extend this work in three ways: We motivate the design decisions that lead to said clustering technique, we discuss its theoretical properties, and we evaluate it by means of extensive experiments. Other related work comes from ....

[Article contains additional citation context not shown here]

K. Julisch. Mining Alarm Clusters to Improve Alarm Handling Efficiency. In 17th Annual Computer Security Applications Conference (ACSAC), pages 12--21, December 2001.


Techniques and Tools for Analyzing Intrusion Alerts - Ning, Cui, Reeves, Xu (2004)   (1 citation)  (Correct)

No context found.

Julisch, K. 2001. Mining alarm clusters to improve alarm handling efficiency. In Proceedings of the 17th Annual Computer Security Applications Conference (ACSAC). 12--21.


Building Attack Scenarios through Integration of.. - Correlation Methods Peng   (Correct)

No context found.

K. Julisch. Mining alarm clusters to improve alarm handling efficiency. In Proceedings of the 17th Annual Computer Security Applications Conference (ACSAC), pages 12--21, December 2001.


Reasoning about Complementary Intrusion Evidence - Zhai, Ning, Iyer, Reeves (2004)   (Correct)

No context found.

K. Julisch. Mining alarm clusters to improve alarm handling efficiency. In Proceedings of the 17th Annual Computer Security Applications Conference (ACSAC), pages 12--21, December 2001.


Learning Attack Strategies from Intrusion Alerts - Ning, Xu (2003)   (3 citations)  (Correct)

No context found.

K. Julisch. Mining alarm clusters to improve alarm handling efficiency. In Proceedings of the 17th Annual Computer Security Applications Conference (ACSAC), pages 12--21, December 2001.


Learning Attack Strategies from Intrusion Alerts - Ning, Xu (2003)   (3 citations)  (Correct)

No context found.

K. Julisch. Mining alarm clusters to improve alarm handling efficiency. In Proc. of the 17th Annual Computer Security Applications Conf, pages 12--21, December 2001.


An Approach for Detecting Self-Propagating Email Using Anomaly .. - Gupta, Sekar (2003)   (6 citations)  (Correct)

No context found.

Klaus Julisch, Mining Alarm Clusters to Improve Alarm Handling Efficiency, IBM Research, Zurich Research Laboratory, ACSAC 2001.


An Approach for Detecting Self-Propagating Email Using Anomaly .. - Gupta, Sekar (2003)   (6 citations)  (Correct)

No context found.

Klaus Julisch, Mining Alarm Clusters to Improve Alarm Handling Efficiency, IBM Research, Zurich Research Laboratory, ACSAC 2001.


Modeling Multistep Cyber Attacks for Scenario Recognition - Cheung, Lindqvist, Fong (2003)   (1 citation)  (Correct)

No context found.

K. Julisch. Mining alarm clusters to improve alarm handling efficiency. In Proceedings of the 17th Annual Computer Security Applications Conference (ACSAC 2001.


An Experience Developing an IDS Stimulator for the.. - Mutz, Vigna, Kemmerer (2003)   (1 citation)  (Correct)

No context found.

K. Julisch. Mining alarm clusters to improve alarm handling efficiency. In Proceedings of the 17th Annual Computer Security Applications Conference, Orlando, FL, 2001.

CiteSeer.IST - Copyright Penn State and NEC