[Home ] [Archive]   [ فارسی ]  
:: Main :: About :: Current Issue :: Archive :: Search :: Submit :: Contact ::
:: Volume 3, Issue 1 (9-2014) ::
3 2014, 3(1): 39-57 Back to browse issues page
Security Alert Correlation Survey and Study of These Features in OSSIM
Abstract:   (4981 Views)

With the increase in attacks, the different mechanisms in different layers of defense are applied in order to detect and prevent attacks. In this case we are encountered with massive amounts of alerts with low level and scattered information. Alert correlation is one of the solutions that are used to combine alerts and create a high level view of under controlled network security situations, and a lot of researches have been done in this field. In this paper, we describe the OSSIM and introduce its features. In addition with a combined approach to the alert correlation problem, a new categorization is done on the scientific researches and with respect to these researches, we described the process of alert correlation in the OSSIM and established a correspondence between components of the OSSIM and one of the researches. In most researches the focus is on the alerts correlation of intrusion detection systems, we have shown in this paper that the other resources are effective in multi-stage attacks correlation.

Keywords: Alert Correlation, OSSIM, Log Correlation, Multistage Attacks
Full-Text [PDF 2674 kb]   (759 Downloads)    
Type of Study: Scientific extension | Subject: Special
Received: 2015/08/18 | Accepted: 2015/08/18 | Published: 2015/08/18
Add your comments about this article
Your username or Email:

CAPTCHA


XML   Persian Abstract   Print


Download citation:
BibTeX | RIS | EndNote | Medlars | ProCite | Reference Manager | RefWorks
Send citation to:

Security Alert Correlation Survey and Study of These Features in OSSIM. 3. 2014; 3 (1) :39-57
URL: http://monadi.isc.org.ir/article-1-26-en.html


Volume 3, Issue 1 (9-2014) Back to browse issues page
دوفصل نامه علمی ترویجی منادی امنیت فضای تولید و تبادل اطلاعات( افتا) Biannual Journal Monadi for Cyberspace Security (AFTA)
Persian site map - English site map - Created in 0.05 seconds with 32 queries by YEKTAWEB 4009