Network security has long been an important concern for any organization. It is especially important for the
defense sector, because gaining unauthorized access to an organization's sensitive information is a prime goal of
cyber criminals. Many network security techniques, such as firewalls and VPN concentrators, are deployed at the
network perimeter to deal with attacks that originate outside the network. But any vulnerability that allows an
attacker to penetrate the perimeter defense can be used to compromise the entire network. To deal with such
vulnerabilities, the Intrusion Detection System (IDS) was developed to generate an alert for any malicious activity
directed at the network and its resources. Traditional IDSs still have deficiencies, such as generating a large
number of alerts that contains both true and false ones. By automatically classifying (correlating) the alerts, a
high-level view of the network's security status can be obtained, and the job of the network security administrator
becomes much easier. In this paper we propose to use Self-Organizing Maps (SOM), a type of artificial neural network,
to correlate large numbers of logged intrusion alerts based on generic features such as source/destination IP
addresses, port number and signature ID. The different ways in which alerts can be correlated by artificial
intelligence techniques are also discussed. We have shown that the strategy described in the paper improves the
efficiency of the IDS by better correlating the alerts, leading to fewer false positives and increased competence of
the network administrator.
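
As an added illustration (not code from the paper), the following example trains a small one-dimensional SOM on a constructed alert log, using the features the abstract names, and groups the alerts by best-matching unit. The map size, seeding rule, learning schedule, `SID_MAX` scaling and every alert value are assumptions; treating the signature ID as a number is a simplification.

```python
import math

SID_MAX = 4000  # assumed upper bound on signature IDs in this constructed sample
# Constructed alert log (documentation-range source IPs), three interleaved sources.
ALERTS = [
    {"id": 1, "src": "203.0.113.7", "dst": "10.0.0.5", "port": 22, "sid": 1001},
    {"id": 2, "src": "198.51.100.23", "dst": "10.0.0.20", "port": 80, "sid": 2002},
    {"id": 3, "src": "192.0.2.99", "dst": "10.0.0.8", "port": 22, "sid": 3003},
    {"id": 4, "src": "203.0.113.7", "dst": "10.0.0.5", "port": 23, "sid": 1001},
    {"id": 5, "src": "198.51.100.23", "dst": "10.0.0.20", "port": 80, "sid": 2002},
    {"id": 6, "src": "192.0.2.99", "dst": "10.0.0.8", "port": 22, "sid": 3003},
    {"id": 7, "src": "203.0.113.7", "dst": "10.0.0.5", "port": 80, "sid": 1001},
    {"id": 8, "src": "198.51.100.23", "dst": "10.0.0.20", "port": 80, "sid": 2002},
    {"id": 9, "src": "192.0.2.99", "dst": "10.0.0.8", "port": 22, "sid": 3003},
]

def encode(a):
    """Map an alert to features in [0, 1]: IP octets, port, signature ID."""
    octets = [int(o) / 255 for ip in (a["src"], a["dst"]) for o in ip.split(".")]
    return octets + [a["port"] / 65535, a["sid"] / SID_MAX]

def bmu(weights, v):
    """Index of the best-matching unit (node with the closest weight vector)."""
    return min(range(len(weights)),
               key=lambda i: sum((w - x) ** 2 for w, x in zip(weights[i], v)))

def train_som(vectors, n_nodes, epochs=30, lr0=0.5, sigma0=0.8):
    """Train a 1-D SOM; nodes are seeded from evenly spaced sorted samples."""
    seeds = sorted(vectors)
    weights = [list(seeds[i * len(seeds) // n_nodes]) for i in range(n_nodes)]
    steps = epochs * len(vectors)
    for t in range(steps):
        v = vectors[t % len(vectors)]
        decay = 1 - t / steps  # learning rate and radius shrink linearly
        lr, sigma = lr0 * decay, sigma0 * decay + 0.01
        win = bmu(weights, v)
        for i, w in enumerate(weights):
            h = math.exp(-((i - win) ** 2) / (2 * sigma ** 2))  # neighbourhood
            for k in range(len(w)):
                w[k] += lr * h * (v[k] - w[k])
    return weights

def correlate(alerts, n_nodes=3):
    """Return alert ids grouped by the SOM node each alert maps to."""
    vectors = [encode(a) for a in alerts]
    weights = train_som(vectors, n_nodes)
    groups = {}
    for a, v in zip(alerts, vectors):
        groups.setdefault(bmu(weights, v), []).append(a["id"])
    return sorted(groups.values())
```

Each returned group is a candidate correlated incident that an analyst can review as one unit instead of as separate alerts.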