Year of publication: 1389

Venue: 7th Conference of the Iranian Society of Cryptology

Number of pages: 8

Author(s):

Hamid Farhadi – Department of Information Technology
Rasool Jalili – Network Security Center, Sharif University of Technology, Tehran
Mohammad Khansari – Department of Information Technology

Abstract:

While intrusion detection systems (IDSs) are widely used, the large number of alerts as well as the high rate of false positive events make such a security mechanism insufficient. Accordingly, a track of recent security research has focused on alert correlation. This paper proposes a Markov model (MM) based correlation method of intrusion alerts which have been fired from different IDS sensors across an enterprise.