Correlation and Aggregation of Security Alerts in Networks (Paperback)

The tremendous increase in usage and complexity of modern communication and network systems connected to the Internet, places demands upon security management to protect organisations' sensitive data and resources from malicious intrusion. A methodology for analysing alerts using a proposed framework for alert correlation, has been presented to provide the security operator with a global view of the security perspective. Missed alerts are recovered implicitly using a contextual technique to detect multi-stage attack scenarios. This is based on the assumption that the most serious intrusions consist of relevant steps that temporally ordered. The pre- and post- condition approach is used to identify the logical relations among low level alerts. The alerts are aggregated, verified using vulnerability modelling, and correlated to construct multi-stage attacks.A number of algorithms have been proposed in this book to support the functionality of our framework including: alert correlation, alert aggregation and graph reduction. These algorithms have been implemented in a tool called Multi-stage Attack Recognition System (MARS) consisting of a collection of integrated components.

General

Imprint:	Lap Lambert Academic Publishing
Country of origin:	Germany
Release date:	2012
First published:	2012
Authors:	Faeiz Alserhani • Irfan Awan • Monis Akhlaq
Dimensions:	229 x 152 x 15mm (L x W x T)
Format:	Paperback - Trade
Pages:	256
ISBN-13:	978-3-8473-4508-4
Categories:	Books > Computing & IT > General theory of computing > General
LSN:	3-8473-4508-7
Barcode:	9783847345084

Is the information for this product incomplete, wrong or inappropriate? Let us know about it.

Does this product have an incorrect or missing image? Send us a new image.

Is this product missing categories? Add more categories.

Review This Product

No reviews yet - be the first to create one!