ETRI-Knowledge Sharing Platform

Conference Paper Intrusion Alert Normalization Method using AWK Scripts and Attack Name Database
Authors
Dong Young Kim, Hyo Chan Bang, Jung Chan Na
Issue Date
2005-02
Citation
International Conference on Advanced Communication Technology (ICACT) 2005, pp.608-611
Publisher
IEEE
Language
English
Type
Conference Paper
DOI
https://dx.doi.org/10.1109/ICACT.2005.245944
Abstract
Current classes of intrusion alerts have various formats and semantics, and they are transferred using a variety of protocols. The protocols that transfer intrusion alerts are IDXP, SNMP trap, the SYSLOG protocol, etc. This variety of intrusion alert formats makes it difficult to use the alerts together. Intrusion alert normalization converts various intrusion alerts into data with the same structure and the same semantics. We need this normalization process to unify alerts from a variety of security equipment. This paper describes how to normalize alerts from several IDSs and security equipment.
KSP Keywords
Normalization method, SNMP TRAP, Same structure