Based on this idea, we further propose an IDS alert correlation model based on description logics.
To solve these problems, alert correlation analysis has gradually become a research focus in this field.
Among the many intrusion detection alert correlation methods, causal correlation is one of the most representative.
The concept of stateful alert correlation and an alert correlation algorithm based on a dynamic Bayesian planning graph are proposed.
Existing alert correlation methods carry a high processing overhead and, especially during an alert flood, may be unable to process the alerts at all.
Second, the paper presents the detailed design and implementation of the threat data collection subsystem, the alert correlation subsystem and the attack data extraction subsystem.
Rich pattern knowledge is hidden in network alert correlation; studying the causal correlations among alerts can significantly improve the intelligence of network fault management.
It is therefore necessary to apply alert correlation methods to develop cooperation modules for intrusion detection systems, to analyze correlated alerts to produce clear descriptions of the attack process, and to generate aggregated alerts that reduce the number of false alerts and improve detection efficiency.
A definition of five-dimensional alert information correlation is presented.