| International Association of Online Engineering | |
| An Alert Fusion Method Based on Grey Relation and Attribute Similarity Correlation | |
| Zuo Chen1 Ya Wen1 Weidong Xiao2 Wei Liang2 | |
| [1] College of Computer Science and Electronic Engineering, Hunan University;Department of Software Engineering, Xiamen University of Technology | |
| 关键词: Grey correlation analysis; Attribute similarity; Aggregation; Hyper alerts; | |
| DOI : | |
| 学科分类:社会科学、人文和艺术(综合) | |
| 来源: International Association of Online Engineering | |
 PDF
|
|
【 摘 要 】
Various security devices which produce a large volume of logs and alerts have been used widely. It is such a troublesome and time-consuming task for network managers to analyze and deal with the information. This paper presented an improved alerts aggregation method based on grey correlation and attribute similarity method. We used grey correlation to ascertain the importance of alert attributes in network security, and considered it as the weight of attributes. Then we combined with the attribute similarity method and calculated the overall feature similarity in order to complete alert aggregation. Experiments results showed that this method had a strict mathematical theory basis and a higher practical value, which can effectively reduce raw alerts and reduce redundancy for alert data fusion.
【 授权许可】
Unknown
【 预 览 】
| Files | Size | Format | View |
|---|---|---|---|
| RO201904036829666ZK.pdf | 1368KB |  download |
878987797
028-85220240
