Generating security event correlation rules through k-means clustering.
Nelson Uto, Helen Teixeira, Andre Blazko, Marcos Ferreira de Paula, Renata Cicilini Teixeira, Mamede Lima-Marques
Published in: ICETE (2005)
Keyphrases
- condition action rules
- access control
- event detection
- information security
- security issues
- information assurance
- intrusion detection
- decision rules
- security requirements
- correlation coefficient
- highly correlated
- security threats
- security systems
- statistical databases
- association rules
- network security
- domain knowledge
- event recognition
- knowledge base
- event condition action
- security measures
- multilevel secure
- anomaly detection
- authentication protocol
- production rules
- computer security
- security mechanisms
- rule sets
- rule based systems
- temporal patterns
- data sets