2007 IEEE/ACS International Conference on Computer Systems and Applications (2007)
Amman, Jordan
May 13, 2007 to May 16, 2007
ISBN: 1-4244-1030-4
pp: 825-832
Amel Meddeb-Makhlouf, Communication Networks and Security Research Lab., Engineering School of Communications (Sup'Com), Tu
Mohamed Hamdi, Communication Networks and Security Research Lab., Engineering School of Communications (Sup'Com), Tu
Noureddine Boudriga, Communication Networks and Security Research Lab., Engineering School of Communications (Sup'Com), Tu
ABSTRACT
This paper proposes to manage data structures manipulated by the proposed correlation function based on a new concept called Multi-violation Detectors (MvD). The MvD-based correlation function manipulates events based on metrics that evaluate them. The detection and the correlation processes are managed using an MLP (Multi-Layer Perceptron)-like network architecture. The manipulated data structures in the MLP-like network mainly include attacks, metrics and MvD values. To add more efficiency to the implemented processes, these values are managed through a structured database where an SQL-like language for MvD retrieval is introduced. The proposed approach is based on a relational calculus. Therefore, its completeness is mathematically proved.
CITATION

N. Boudriga, M. Hamdi and A. Meddeb-Makhlouf, "Structuring a Multi-violation Detectors Database for an Efficient Intrusion Detection," 2007 IEEE/ACS International Conference on Computer Systems and Applications (AICCSA), Amman, Jordan, 2007, pp. 825-832.
doi:10.1109/AICCSA.2007.370728