A systematic mapping study on intrusion alert analysis in intrusion detection systems

AA Ramaki, A Rasoolzadegan, AG Bafghi - ACM computing surveys …, 2018 - dl.acm.org
Intrusion alert analysis is an attractive and active topic in the area of intrusion detection
systems. In recent decades, many research communities have been working in this field …

Breaking alert fatigue: AI-assisted SIEM framework for effective incident response

T Ban, T Takahashi, S Ndichu, D Inoue - Applied Sciences, 2023 - mdpi.com
Contemporary security information and event management (SIEM) solutions struggle to
identify critical security incidents effectively due to the overwhelming number of false alerts …

Intrusion alert prioritisation and attack detection using post-correlation analysis

R Shittu, A Healing, R Ghanea-Hercock… - Computers & …, 2015 - Elsevier
Event Correlation used to be a widely used technique for interpreting alert logs and
discovering network attacks. However, due to the scale and complexity of today's networks …

Combating alert fatigue with AlertPro: Context-aware alert prioritization using reinforcement learning for multi-step attack detection

X Wang, X Yang, X Liang, X Zhang, W Zhang… - Computers & …, 2024 - Elsevier
Alert fatigue problems can have serious consequences for the enterprise security. When
analysts become overwhelmed by the sheer number of alerts, high-risk alerts may go …

Stream clustering guided supervised learning for classifying NIDS alerts

R Vaarandi, A Guerra-Manzanares - Future Generation Computer Systems, 2024 - Elsevier
A Network Intrusion Detection System (NIDS) is a network monitoring technology for
identifying cyber attacks, botnet command and control traffic, and other unwanted network …

Network IDS alert classification with active learning techniques

R Vaarandi, A Guerra-Manzanares - Journal of Information Security and …, 2024 - Elsevier
A Network Intrusion Detection System (NIDS) is a widely used security monitoring
technology for detecting attacks against network services, beaconing activity of infected end …

A stream clustering algorithm for classifying network IDS alerts

R Vaarandi - 2021 IEEE International Conference on Cyber …, 2021 - ieeexplore.ieee.org
Network IDS is a widely used security monitoring technology for detecting cyber attacks,
malware activity, and other unwanted network traffic. Unfortunately, network IDSs are known …

Modeling and learning incident prioritization

L Renners, F Heine, GD Rodosek - 2017 9th IEEE International …, 2017 - ieeexplore.ieee.org
With the ever rising amount of security and alert information, the decision process which
incident to address first becomes increasingly important and prioritizing incidents is a …

Featureless discovery of correlated and false intrusion alerts

E Kidmose, M Stevanovic, S Brandbyge… - IEEE …, 2020 - ieeexplore.ieee.org
Malware and cyber-attacks cause substantial damage to corporations. A common
countermeasure is Intrusion Detection Systems (IDSs). Unfortunately, IDSs typically raise …

Incident handling systems with automated intrusion response

N Herold - 2017 - mediatum.ub.tum.de
Incident handling, consisting of intrusion detection, alert processing and intrusion response,
increases the resilience of IT systems under attack. Instead of providing a holistic solution …