Extracting fuzzy attack patterns using an online fuzzy adaptive alert correlation framework

Alert Correlation for Extracting Attack Strategies

Alert correlation is an important technique for managing large the volume of intrusion alerts that are raised by heterogenous Intrusion Detection Systems (IDSs). The recent trend of research in this area is towards extracting attack strategies from raw intrusion alerts. It is generally believed that pure intrusion detection no longer can satisfy the security needs of organizations. Intrusion re...

An Online Adaptive Approach to Alert Correlation

The current intrusion detection systems (IDSs) generate a tremendous number of intrusion alerts. In practice, managing and analyzing this large number of low-level alerts is one of the most challenging tasks for a system administrator. In this context alert correlation techniques aiming to provide a succinct and high-level view of attacks gained a lot of interest. Although, a variety of methods...

Adaptive Online Traffic Flow Prediction Using Aggregated Neuro Fuzzy Approach

Short term prediction of traffic flow is one of the most essential elements of all proactive traffic control systems. Although various methodologies have been applied to forecast traffic parameters, several researchers have showed that compared with the individual methods, hybrid methods provide more accurate results . These results made the hybrid tools and approaches a more common method for ...

Extracting Movement Patterns Using Fuzzy and Neuro-fuzzy Approaches

Using Artificial Immune System and Fuzzy Logic for Alert Correlation

One of the most important challenges facing the intrusion detection systems (IDSs) is the huge number of generated alerts. A system administrator will be overwhelmed by these alerts in such a way that she/he cannot manage and use the alerts. The best-known solution is to correlate low-level alerts into a higher level attack and then produce a high-level alert for them. In this paper a new autom...