Inderscience PublishersInderscience PublishersInderscience Publishers About Inderscience Contact Information Current Site Map General Help
  PUBLISHERS OF DISTINGUISHED ACADEMIC, SCIENTIFIC AND PROFESSIONAL JOURNALS
For readers
Subscription information
Order articles
Sample journals
Latest issues
Books
Published proceedings
For authors
Submission of papers
Notes for authors
Calls for papers
Services
Search
Newsletter
Blog
TOC alerts
RSS feeds
Twitter
OAI repository
Library form
Register with Inderscience
Feedback
Noticeboard
New journals
Conference announcements

The full text of this article:

An agent-based framework for intrusion detection alert verification and event correlation
by Benjamin Uphoff, Johnny S. Wong
International Journal of Security and Networks (IJSN), Vol. 3, No. 3, 2008
Abstract: In this paper, we present a framework design and implementation that provides a scalable solution for two important components of alert correlation: alert verification and event correlation. In our framework, a broker application maintains a database containing IDS alerts while software agents perform alert verification and event correlation of alert instances. Agents are designed to run on multiple hosts to ensure scalability of complex tasks. Agents communicate with the broker via web service architecture, making them easy to build and deploy in heterogeneous networks. Three IDSs are supported to show that the framework can be applied to differing IDS paradigms.

is only available to individual subscribers or to users at subscribing institutions.

ATTENTION SUBSCRIBERS:
Please re-direct your browser by clicking on this Inderscience Online Journals link, to access the full-text of this article.

Pay per view: If you are not a Subscriber and you just want to read the full contents of this article, please click here to purchase online access to the full-text of this article. Please allow 3 days + mailing time. Current price for article is Thirty Euros (€30)

Complimentary Subscribers, Editors or Members of the Editorial Board of the International Journal of Security and Networks (IJSN) journal, that have been redirected here, please check if you have a registered username/password subscription with Inderscience. If that is the case, please Login:

    Username:        Password:         Forgotten your Password?

If you are not yet a Subscriber to International Journal of Security and Networks (IJSN) journal, you can subscribe by following a few simple and quick steps. A subscription will give you complete access to all articles in the current issue, as well as to all articles in the previous three years, where applicable. Click here to subscribe.

Should you experience further difficulties or have any enquiries, please email subs@inderscience.com


 
Copyright © 2004-2009 Inderscience Enterprises Limited. All rights reserved.