Event Details

Intrusion Alert Correlation Challenges

Presenter: Sherif Saad
Supervisor: Dr. Issa Traore

Date: Wed, October 1, 2014
Time: 16:00:00 - 00:00:00
Place: ECS 467

ABSTRACT

Summary:

Intrusion detection systems generate a massive number of alerts. Alert correlation is an event correlation problem. The process of alert correlation focuses on filtering and summarizing alerts generated by Network Intrusion Detection Systems (NIDS) and Host Intrusion Detection Systems (HIDS), and finally clustering alerts to reconstruct attack patterns and scenarios. In this seminar we explain the importance of IDS alert correlation and discuss the challenges in intrusion alert correlation and the limitations of existing approaches.