Intrusion Detection Alert Correlation Based on Choquet Fuzzy Integral
Nurbol1,2, CHAI Sheng1,3, LI Hong-wei1,3, HU Liang1,3
1. College of Computer Science and Technology Institute,Jilin University,Changchun,Jilin 130012,China;2. College of Information Science and Engineering,XinJiang University,Urumqi,Xinjiang 830046,China;3. Key Laboratory for Symbol Computation and Knowledge Engineering (Jilin University),Ministry of Education,Changchun,Jilin 130012,China
Abstract:The alert correlation,choquet fuzzy integral and fuzzy cognitive maps was analyzed,the correlation of IDS alerts based choquet fuzzy integral was proposed and the correlation engine of intrusion detection system was designed.Though experiences of the DRDOS attack and LLDOS attack,it is proved that the alert correlation in the paper could correlate the alerts with high feasibility.
2011, Vol. 39 
