A NEW MODEL TO MANAGE IDS ALERTS

Marco Aurélio Bonato, Walter Godoy Jr.

Abstract

This paper presents a new model for reducing the number of alerts generated by an IDS (Bace, 2000) analyzer. The model lets the administrator analyze only the messages that pose a real risk to an environment or machine. This matters most in complex environments with many machines, each running many services.

References

  1. ArachNIDS, 2003. http://www.whitehats.com.
  2. Bace, Rebecca and Mell, Peter, 2000. NIST Special Publication on Intrusion Detection Systems.
  3. Bugtraq, 2003. http://www.securityfocus.com/.
  4. Curry, D. and Debar, H., 2002. Intrusion Detection Message Exchange Format data model and Extensible Markup Language (XML) Document Type Definition.
  5. CVE - Common Vulnerabilities and Exposures, 2003. http://cve.mitre.org.
  6. Nessus, 2003. http://www.nessus.org/.
  7. Object Management Group, 2003. UML - Unified Modeling Language.


Paper Citation


in Harvard Style

Aurélio Bonato M. and Godoy Jr. W. (2004). A NEW MODEL TO MANAGE IDS ALERTS. In Proceedings of the Sixth International Conference on Enterprise Information Systems - Volume 3: ICEIS, ISBN 972-8865-00-7, pages 601-604. DOI: 10.5220/0002599706010604


in Bibtex Style

@conference{iceis04,
author={Marco Aurélio Bonato and Walter Godoy Jr.},
title={A NEW MODEL TO MANAGE IDS ALERTS},
booktitle={Proceedings of the Sixth International Conference on Enterprise Information Systems - Volume 3: ICEIS},
year={2004},
pages={601-604},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0002599706010604},
isbn={972-8865-00-7},
}


in EndNote Style

TY - CONF
JO - Proceedings of the Sixth International Conference on Enterprise Information Systems - Volume 3: ICEIS
TI - A NEW MODEL TO MANAGE IDS ALERTS
SN - 972-8865-00-7
AU - Aurélio Bonato M.
AU - Godoy Jr. W.
PY - 2004
SP - 601
EP - 604
DO - 10.5220/0002599706010604