Proceedings of the 41st Annual Hawaii International Conference on System Sciences (HICSS 2008) (2008)
Waikoloa, Big Island, Hawaii
Jan. 7, 2008 to Jan. 10, 2008
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/HICSS.2008.19
A high percentage of false positives remains a problem in current network security detection systems. With the growing reliance of industry on computer networks, and the growing variety of attacks that can be directed towards a computer network, it is clear that detection systems must be improved in order to tackle this growing problem. To help minimise the problem of false positives, this paper describes a method and apparatus for security alert analysis that is based on two technologies: (i) event correlation and (ii) a truth maintenance system. This work was undertaken in the context of practical network security management in a large outsourced management service provider in the Asia-Pacific region.
J. Chatterton, J. Almquist, I. Gorton, A. Wynne and D. Thurman, "A Flexible, High Performance Service-Oriented Architecture for Detecting? Cyber Attacks," Proceedings of the 41st Annual Hawaii International Conference on System Sciences (HICSS 2008)(HICSS), Waikoloa, Big Island, Hawaii, 2008, pp. 263.