TY - CHAP
T1 - Correlation of intrusion symptoms
T2 - An application of chronicles
AU - Morin, Benjamin
AU - Debar, Hervé
PY - 2003/1/1
Y1 - 2003/1/1
N2 - In this paper, we propose a multi-alarm misuse correlation component based on the chronicles formalism. Chronicles provide a high level declarative language and a recognition system that is used in other areas where dynamic systems are monitored. This formalism allows us to reduce the number of alarms shipped to the operator and enhances the quality of the diagnosis provided.
AB - In this paper, we propose a multi-alarm misuse correlation component based on the chronicles formalism. Chronicles provide a high level declarative language and a recognition system that is used in other areas where dynamic systems are monitored. This formalism allows us to reduce the number of alarms shipped to the operator and enhances the quality of the diagnosis provided.
UR - https://www.scopus.com/pages/publications/33646160004
U2 - 10.1007/978-3-540-45248-5_6
DO - 10.1007/978-3-540-45248-5_6
M3 - Chapter
AN - SCOPUS:33646160004
SN - 3540408789
SN - 9783540408789
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 94
EP - 112
BT - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
A2 - Vigna, Giovanni
A2 - Kruegel, Christopher
A2 - Jonsson, Erland
A2 - Kruegel, Christopher
PB - Springer Verlag
ER -