Ontology type: schema:Chapter
Open Access: True
2002
AUTHORS: Benjamin Morin, Ludovic Mé, Hervé Debar, Mireille Ducassé
ABSTRACT: At present, alert correlation techniques do not make full use of the information that is available. We propose a data model for IDS alert correlation called M2D2. It supplies four information types: information related to the characteristics of the monitored information system, information about the vulnerabilities, information about the security tools used for the monitoring, and information about the events observed. M2D2 is formally defined. As far as we know, no other formal model includes the vulnerability and alert parts of M2D2. Three examples of correlations are given. They are rigorously specified using the formal definition of M2D2. As opposed to already published correlation methods, these examples use more than the events generated by security tools; they make use of many concepts formalized in M2D2.
PAGES: 115-137
Recent Advances in Intrusion Detection
ISBN
978-3-540-00020-4
978-3-540-36084-1
http://scigraph.springernature.com/pub.10.1007/3-540-36084-0_7
DOI: http://dx.doi.org/10.1007/3-540-36084-0_7
DIMENSIONS: https://app.dimensions.ai/details/publication/pub.1019349336
JSON-LD is the canonical representation for SciGraph data.
[
{
"@context": "https://springernature.github.io/scigraph/jsonld/sgcontext.json",
"about": [
{
"id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/0806",
"inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/",
"name": "Information Systems",
"type": "DefinedTerm"
},
{
"id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/08",
"inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/",
"name": "Information and Computing Sciences",
"type": "DefinedTerm"
}
],
"author": [
{
"affiliation": {
"alternateName": "Orange (France)",
"id": "https://www.grid.ac/institutes/grid.89485.38",
"name": [
"France T\u00e9l\u00e9com R&D, Caen, France"
],
"type": "Organization"
},
"familyName": "Morin",
"givenName": "Benjamin",
"id": "sg:person.013114004075.10",
"sameAs": [
"https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.013114004075.10"
],
"type": "Person"
},
{
"affiliation": {
"alternateName": "Sup\u00e9lec",
"id": "https://www.grid.ac/institutes/grid.424471.0",
"name": [
"Sup\u00e9lec, Rennes, France"
],
"type": "Organization"
},
"familyName": "M\u00e9",
"givenName": "Ludovic",
"id": "sg:person.07761036762.44",
"sameAs": [
"https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.07761036762.44"
],
"type": "Person"
},
{
"affiliation": {
"alternateName": "Orange (France)",
"id": "https://www.grid.ac/institutes/grid.89485.38",
"name": [
"France T\u00e9l\u00e9com R&D, Caen, France"
],
"type": "Organization"
},
"familyName": "Debar",
"givenName": "Herv\u00e9",
"id": "sg:person.016303555143.12",
"sameAs": [
"https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.016303555143.12"
],
"type": "Person"
},
{
"affiliation": {
"name": [
"IRISA/INSA, Rennes, France"
],
"type": "Organization"
},
"familyName": "Ducass\u00e9",
"givenName": "Mireille",
"id": "sg:person.010214413243.65",
"sameAs": [
"https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.010214413243.65"
],
"type": "Person"
}
],
"citation": [
{
"id": "sg:pub.10.1007/3-540-39945-3_13",
"sameAs": [
"https://app.dimensions.ai/details/publication/pub.1007204231",
"https://doi.org/10.1007/3-540-39945-3_13"
],
"type": "CreativeWork"
},
{
"id": "sg:pub.10.1007/3-540-45474-8_6",
"sameAs": [
"https://app.dimensions.ai/details/publication/pub.1028240787",
"https://doi.org/10.1007/3-540-45474-8_6"
],
"type": "CreativeWork"
},
{
"id": "sg:pub.10.1007/3-540-45474-8_6",
"sameAs": [
"https://app.dimensions.ai/details/publication/pub.1028240787",
"https://doi.org/10.1007/3-540-45474-8_6"
],
"type": "CreativeWork"
}
],
"datePublished": "2002",
"datePublishedReg": "2002-01-01",
"description": "At present, alert correlation techniques do not make full use of the information that is available. We propose a data model for IDS alert correlation called M2D2. It supplies four information types: information related to the characteristics of the monitored information system, information about the vulnerabilities, information about the security tools used for the monitoring, and information about the events observed. M2D2 is formally defined. As far as we know, no other formal model includes the vulnerability and alert parts of M2D2. Three examples of correlations are given. They are rigorously specified using the formal definition of M2D2. As opposed to already published correlation methods, these examples use more than the events generated by security tools; they make use of many concepts formalized in M2D2.",
"editor": [
{
"familyName": "Wespi",
"givenName": "Andreas",
"type": "Person"
},
{
"familyName": "Vigna",
"givenName": "Giovanni",
"type": "Person"
},
{
"familyName": "Deri",
"givenName": "Luca",
"type": "Person"
}
],
"genre": "chapter",
"id": "sg:pub.10.1007/3-540-36084-0_7",
"inLanguage": [
"en"
],
"isAccessibleForFree": true,
"isPartOf": {
"isbn": [
"978-3-540-00020-4",
"978-3-540-36084-1"
],
"name": "Recent Advances in Intrusion Detection",
"type": "Book"
},
"name": "M2D2: A Formal Data Model for IDS Alert Correlation",
"pagination": "115-137",
"productId": [
{
"name": "doi",
"type": "PropertyValue",
"value": [
"10.1007/3-540-36084-0_7"
]
},
{
"name": "readcube_id",
"type": "PropertyValue",
"value": [
"5c3137c2fd81e097232f90af41d94e6c49e9da8cff95234704849e5df1e8c94d"
]
},
{
"name": "dimensions_id",
"type": "PropertyValue",
"value": [
"pub.1019349336"
]
}
],
"publisher": {
"location": "Berlin, Heidelberg",
"name": "Springer Berlin Heidelberg",
"type": "Organisation"
},
"sameAs": [
"https://doi.org/10.1007/3-540-36084-0_7",
"https://app.dimensions.ai/details/publication/pub.1019349336"
],
"sdDataset": "chapters",
"sdDatePublished": "2019-04-15T14:24",
"sdLicense": "https://scigraph.springernature.com/explorer/license/",
"sdPublisher": {
"name": "Springer Nature - SN SciGraph project",
"type": "Organization"
},
"sdSource": "s3://com-uberresearch-data-dimensions-target-20181106-alternative/cleanup/v134/2549eaecd7973599484d7c17b260dba0a4ecb94b/merge/v9/a6c9fde33151104705d4d7ff012ea9563521a3ce/jats-lookup/v90/0000000001_0000000264/records_8669_00000255.jsonl",
"type": "Chapter",
"url": "http://link.springer.com/10.1007/3-540-36084-0_7"
}
]
JSON-LD is a popular format for linked data which is fully compatible with JSON.
curl -H 'Accept: application/ld+json' 'https://scigraph.springernature.com/pub.10.1007/3-540-36084-0_7'
N-Triples is a line-based linked data format ideal for batch operations.
curl -H 'Accept: application/n-triples' 'https://scigraph.springernature.com/pub.10.1007/3-540-36084-0_7'
Turtle is a human-readable linked data format.
curl -H 'Accept: text/turtle' 'https://scigraph.springernature.com/pub.10.1007/3-540-36084-0_7'
RDF/XML is a standard XML format for linked data.
curl -H 'Accept: application/rdf+xml' 'https://scigraph.springernature.com/pub.10.1007/3-540-36084-0_7'
This table displays all metadata directly associated to this object as RDF triples.
109 TRIPLES
23 PREDICATES
29 URIs
20 LITERALS
8 BLANK NODES