Aggregation and Correlation of Intrusion-Detection Alerts


Ontology type: schema:Chapter      Open Access: True


Chapter Info

DATE

2001-09-27

AUTHORS

Hervé Debar, Andreas Wespi

ABSTRACT

This paper describes an aggregation and correlation algorithm used in the design and implementation of an intrusion-detection console built on top of the Tivoli Enterprise Console (TEC). The aggregation and correlation algorithm aims at acquiring intrusion-detection alerts and relating them together to expose a more condensed view of the security issues raised by intrusion-detection systems.

PAGES

85-103

Book

TITLE

Recent Advances in Intrusion Detection

ISBN

978-3-540-42702-5
978-3-540-45474-8

Identifiers

URI

http://scigraph.springernature.com/pub.10.1007/3-540-45474-8_6

DOI

http://dx.doi.org/10.1007/3-540-45474-8_6

DIMENSIONS

https://app.dimensions.ai/details/publication/pub.1028240787



JSON-LD is the canonical representation for SciGraph data.


[
  {
    "@context": "https://springernature.github.io/scigraph/jsonld/sgcontext.json", 
    "about": [
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/0801", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Artificial Intelligence and Image Processing", 
        "type": "DefinedTerm"
      }, 
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/08", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Information and Computing Sciences", 
        "type": "DefinedTerm"
      }
    ], 
    "author": [
      {
        "affiliation": {
          "alternateName": "Orange (France)", 
          "id": "https://www.grid.ac/institutes/grid.89485.38", 
          "name": [
            "France T\u00e9l\u00e9com R&D, 42 Rue des Coutures, F-14000, Caen, France"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Debar", 
        "givenName": "Herv\u00e9", 
        "id": "sg:person.016303555143.12", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.016303555143.12"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "IBM Research - Zurich", 
          "id": "https://www.grid.ac/institutes/grid.410387.9", 
          "name": [
            "Zurich Research Laboratory, IBM Research, S\u00e4umerstrasse 4, CH-8803, R\u00fcschlikon, Switzerland"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Wespi", 
        "givenName": "Andreas", 
        "id": "sg:person.015336520224.18", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.015336520224.18"
        ], 
        "type": "Person"
      }
    ], 
    "datePublished": "2001-09-27", 
    "datePublishedReg": "2001-09-27", 
    "description": "This paper describes an aggregation and correlation algorithm used in the design and implementation of an intrusion-detection console built on top of the Tivoli Enterprise Console (TEC). The aggregation and correlation algorithm aims at acquiring intrusion-detection alerts and relating them together to expose a more condensed view of the security issues raised by intrusion-detection systems.", 
    "editor": [
      {
        "familyName": "Lee", 
        "givenName": "Wenke", 
        "type": "Person"
      }, 
      {
        "familyName": "M\u00e9", 
        "givenName": "Ludovic", 
        "type": "Person"
      }, 
      {
        "familyName": "Wespi", 
        "givenName": "Andreas", 
        "type": "Person"
      }
    ], 
    "genre": "chapter", 
    "id": "sg:pub.10.1007/3-540-45474-8_6", 
    "inLanguage": [
      "en"
    ], 
    "isAccessibleForFree": true, 
    "isPartOf": {
      "isbn": [
        "978-3-540-42702-5", 
        "978-3-540-45474-8"
      ], 
      "name": "Recent Advances in Intrusion Detection", 
      "type": "Book"
    }, 
    "name": "Aggregation and Correlation of Intrusion-Detection Alerts", 
    "pagination": "85-103", 
    "productId": [
      {
        "name": "doi", 
        "type": "PropertyValue", 
        "value": [
          "10.1007/3-540-45474-8_6"
        ]
      }, 
      {
        "name": "readcube_id", 
        "type": "PropertyValue", 
        "value": [
          "86888ba8e82448beeddd4f9df3f069254b34eb5042a8eb4ce9668abb24b8bf92"
        ]
      }, 
      {
        "name": "dimensions_id", 
        "type": "PropertyValue", 
        "value": [
          "pub.1028240787"
        ]
      }
    ], 
    "publisher": {
      "location": "Berlin, Heidelberg", 
      "name": "Springer Berlin Heidelberg", 
      "type": "Organisation"
    }, 
    "sameAs": [
      "https://doi.org/10.1007/3-540-45474-8_6", 
      "https://app.dimensions.ai/details/publication/pub.1028240787"
    ], 
    "sdDataset": "chapters", 
    "sdDatePublished": "2019-04-16T05:26", 
    "sdLicense": "https://scigraph.springernature.com/explorer/license/", 
    "sdPublisher": {
      "name": "Springer Nature - SN SciGraph project", 
      "type": "Organization"
    }, 
    "sdSource": "s3://com-uberresearch-data-dimensions-target-20181106-alternative/cleanup/v134/2549eaecd7973599484d7c17b260dba0a4ecb94b/merge/v9/a6c9fde33151104705d4d7ff012ea9563521a3ce/jats-lookup/v90/0000000345_0000000345/records_64103_00000001.jsonl", 
    "type": "Chapter", 
    "url": "https://link.springer.com/10.1007%2F3-540-45474-8_6"
  }
]
 


HOW TO GET THIS DATA PROGRAMMATICALLY:

JSON-LD is a popular format for linked data which is fully compatible with JSON.

curl -H 'Accept: application/ld+json' 'https://scigraph.springernature.com/pub.10.1007/3-540-45474-8_6'

N-Triples is a line-based linked data format ideal for batch operations.

curl -H 'Accept: application/n-triples' 'https://scigraph.springernature.com/pub.10.1007/3-540-45474-8_6'

Turtle is a human-readable linked data format.

curl -H 'Accept: text/turtle' 'https://scigraph.springernature.com/pub.10.1007/3-540-45474-8_6'

RDF/XML is a standard XML format for linked data.

curl -H 'Accept: application/rdf+xml' 'https://scigraph.springernature.com/pub.10.1007/3-540-45474-8_6'


 

This table displays all metadata directly associated to this object as RDF triples.

85 TRIPLES      22 PREDICATES      26 URIs      19 LITERALS      8 BLANK NODES

 



