| Presentation | 2016-07-14 Study on Classification Method of IDS Alerts Focusing on Relation of Detection Time Hiroaki Kuno, Hiroyuki Inaba, |
|---|---|
| PDF Download Page |  PDF download Page Link |
| Abstract(in Japanese) | (See Japanese page) |
| Abstract(in English) | IDS (Intrusion Detection System) is one of the countermeasures for illegal access to the network. Since IDS reports all of unauthorized or abnormal actions, management and analysis of the large amount of alert impose heavy burden on administrators. A method to combine related alerts into one is known to solve this problem. In this report, we consider the application of the method to IDS log analysis, and propose new method to generate sets of related alerts focused on detection time, IP address and signature of alerts. It is confirmed that the method can categorize IDS alerts to some specific groups. |
| Keyword(in Japanese) | (See Japanese page) |
| Keyword(in English) | IDS / alert / detection time / IP address |
| Paper # | ISEC2016-19,SITE2016-13,ICSS2016-19,EMM2016-27 |
| Date of Issue | 2016-07-07 (ISEC, SITE, ICSS, EMM) |
| Conference Information | |
| Committee | EMM / ISEC / SITE / ICSS / IPSJ-CSEC / IPSJ-SPT |
|---|---|
| Conference Date | 2016/7/14(2days) |
| Place (in Japanese) | (See Japanese page) |
| Place (in English) | |
| Topics (in Japanese) | (See Japanese page) |
| Topics (in English) | security, etc |
| Chair | Akinori Ito(Tohoku Univ.) / Masahiro Mambo(Kanazawa Univ.) / Hitoshi Okada(NII) / Yutaka Miyake(KDDI R&D Labs.) |
| Vice Chair | Masaki Kawamura(Yamaguchi Univ.) / Hirohisa Hioki(Kyoto Univ.) / Kazuto Ogawa(NHK) / Atsushi Fujioka(Kanagawa Univ.) / Tetsuya Morizumi(Kanagawa Univ.) / Masaru Ogawa(Kobe Gakuin Univ.) / Yoshiaki Shiraishi(Kobe Univ.) / Takeshi Ueda(Mitsubishi Electric) |
| Secretary | Masaki Kawamura(Nagasaki Univ.) / Hirohisa Hioki(Osaka Pref. Univ.) / Kazuto Ogawa(Toshiba) / Atsushi Fujioka(Tohoku Univ.) / Tetsuya Morizumi(Kyushu Univ.) / Masaru Ogawa(Gifu Shotoku Gakuen Univ.) / Yoshiaki Shiraishi(NII) / Takeshi Ueda(Yokohama National Univ.) |
| Assistant | Rui Shogenji(Shizuoka Univ.) / Masaaki Fujiyoshi(Tokyo Metropolitan Univ.) / Toshihiro Ohigashi(Tokai Univ.) / Yuuji Suga(IIJ) / Atsuo Inomata(Tokyo Denki Univ.) / Kanako Kawaguchi(Tokyo Univ. of the Arts) / Kazunori Kamiya(NTT) / Takahiro Kasama(NICT) |
| Paper Information | |
| Registration To | Technical Committee on Enriched MultiMedia / Technical Committee on Information Security / Technical Committee on Social Implications of Technology and Information Ethics / Technical Committee on Information and Communication System Security / Special Interest Group on Computer Security / Special Interest Group on Security Psychology and Trust |
|---|---|
| Language | JPN |
| Title (in Japanese) | (See Japanese page) |
| Sub Title (in Japanese) | (See Japanese page) |
| Title (in English) | Study on Classification Method of IDS Alerts Focusing on Relation of Detection Time |
| Sub Title (in English) | |
| Keyword(1) | IDS |
| Keyword(2) | alert |
| Keyword(3) | detection time |
| Keyword(4) | IP address |
| 1st Author's Name | Hiroaki Kuno |
| 1st Author's Affiliation | Kyoto Institute of Technology(KIT) |
| 2nd Author's Name | Hiroyuki Inaba |
| 2nd Author's Affiliation | Kyoto Institute of Technology(KIT) |
| Date | 2016-07-14 |
| Paper # | ISEC2016-19,SITE2016-13,ICSS2016-19,EMM2016-27 |
| Volume (vol) | vol.116 |
| Number (no) | ISEC-129,SITE-130,ICSS-131,EMM-132 |
| Page | pp.pp.33-36(ISEC), pp.33-36(SITE), pp.33-36(ICSS), pp.33-36(EMM), |
| #Pages | 4 |
| Date of Issue | 2016-07-07 (ISEC, SITE, ICSS, EMM) |