Active Event Correlation in Bro IDS to Detect Multi-stage Attacks.
Bing Chen, Joohan Lee, Annie S. Wu
Published in: IWIA (2006)
Keyphrases
- multistage
- attack detection
- intrusion detection system
- network attacks
- normal traffic
- intrusion detection
- attack scenarios
- normal behavior
- misuse detection
- production system
- single stage
- dynamic programming
- alert correlation
- anomaly detection
- stochastic programming
- network traffic
- eca rules
- network intrusions
- network security
- event detection
- lot sizing
- detect malicious
- countermeasures
- network intrusion detection systems
- detection algorithm
- assembly systems
- stochastic optimization
- search space
- harmony search algorithm
- cyber attacks
- data mining
- network intrusion detection
- security mechanisms
- watermarking scheme
- lot streaming
- data mining techniques