سال انتشار: ۱۳۸۹
محل انتشار: هفتمین کنفرانس انجمن رمز ایران
تعداد صفحات: ۸
hamid farhadi – department of information technology
rasool jalili – network security center sharif university of technology tehran
mohammad khansari – department of information technology
While intrusion detection systems IDSs are widely used , large number of alerts as well as high rate of false positive events make such a security mechanism insufficient , accordingly a track of recent security research, focused on alert correlation. this paper proposes a markov model MM based correlationmethod of intrusion alerts which have been fired from different IDS sensors across an enterprise.