Journal: International Journal of Advanced Research In Computer Science and Software Engineering
Print ISSN: 2277-6451
Electronic ISSN: 2277-128X
Publication year: 2013
Volume: 3
Issue: 7
Publisher: S.S. Mishra
Abstract: Security plays an important role in IT systems. Intrusion detection systems can be used to ensure security in a network. The existing IDSs (Intrusion Detection Systems) such as Firewall and Snort provide a huge number of alerts as they monitor the network flows. Since the alerts are so numerous, the network administrator may struggle to identify the exact problem. This delays decision making in the presence of any security threats. As it takes more time to understand the alerts when there are many of them, the network administrator needs to spend some time to make effective decisions. In this paper, we proposed a framework which aggregates alerts and generates a few Meta alerts. These Meta alerts can be understood quickly by network personnel, who can then take decisions immediately. A data stream version of the maximum likelihood approach is used in the framework. The experimental results revealed that the framework is very useful and can be used in real-world networks.