View article

[PDF] from psu.edu

Aggregation and correlation of intrusion-detection alerts

Authors

Hervé Debar, Andreas Wespi

Publication date

2001

Journal

Recent Advances in Intrusion Detection

Pages

85-103

Publisher

Springer Berlin/Heidelberg

Description

This paper describes an aggregation and correlation algorithm used in the design and implementation of an intrusion-detection console built on top of the Tivoli Enterprise Console (TEC). The aggregation and correlation algorithm aims at acquiring intrusion-detection alerts and relating them together to expose a more condensed view of the security issues raised by intrusion-detection systems.

Total citations

Cited by 1014

2001200220032004200520062007200820092010201120122013201420152016201720182019202020212022202320243 15 31 65 83 86 83 76 65 66 53 52 45 51 41 37 30 22 28 26 18 12 8 5

Scholar articles

Aggregation and correlation of intrusion-detection alerts

H Debar, A Wespi - International Workshop on Recent Advances in …, 2001

Cited by 1014 Related articles All 19 versions