A correlation analysis method of network security events based on rough set theory

Network security event correlation can find real threat through correlating security events and logs generated by different security devices and can be aware of the network security situation accurately. This paper propose a network security events correlation scheme based on rough set, build databa...

Full description

Saved in:
Bibliographic Details
Main Authors: Jing Liu, Lize Gu, Guosheng Xu, Xinxin Niu
Format: Conference Proceeding
Language:English
Subjects:
Algorithm design and analysis
Correlation
Correlation analysis
Data mining
Entropy
Network security event
Rough set
Runtime
Security
Sequence pattern
Set theory
Online Access:Request full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Network security event correlation can find real threat through correlating security events and logs generated by different security devices and can be aware of the network security situation accurately. This paper propose a network security events correlation scheme based on rough set, build database of network security events and knowledge base, gives rule generation method and rule matcher. This method solves the simplification and correlation of massive security events through combining data discretization, attribute reduction, value reduction and rule generation.
ISSN:2374-0272
DOI:10.1109/ICNIDC.2012.6418807