Virus scanners and firewalls offer visible benefits while remaining virtually unnoticed during normal operation; intrusion detection sensors behave differently. State-of-the-art intrusion detection systems (IDSs) produce hundreds or even thousands of alerts every day, and almost all of them are false positives, that is, alerts not related to any security-relevant incident. This book analyzes the challenges in interpreting and combining (correlating) the alerts produced by these systems. In addition, it classifies existing academic and commercial systems and presents their advantages and shortcomings, especially when they are deployed at large, real-world sites.
Target audience: professional and research use (Research)
Product note: thread-sewn, cloth binding
Dimensions: height 245 mm, width 162 mm, thickness 15 mm
ISBN-13: 978-0-387-23398-7 (9780387233987)
Contents:
Computer Security and Intrusion Detection
Alert Correlation
Alert Collection
Alert Aggregation and Verification
High-Level Alert Structures
Large-Scale Correlation
Evaluation
Open Issues
Conclusions