%0 Journal Article
%T IDS alert verification based on multi-source security information
%A WANG Jing-xin
%A WANG Zhi-ying
%A DAI Kui
%J Journal of Computer Applications (计算机应用)
%D 2007
%X Owing to design flaws and a lack of knowledge of the target system's information, current intrusion detection systems have several shortcomings, such as alert overload and a high false alarm rate. To solve these problems, a new alert verification algorithm is presented in this paper, based on an analysis of current alert verification algorithms. Using multi-source security information, including vulnerability information, system security logs and system state inspection information, the raw IDS alerts generated by the intrusion detection system can be verified and filtered according to the verification algorithm. Experimental results demonstrate the effectiveness of the verification algorithm.
%K multi-source security information
%K alert verification
%K multi-source
%K security information
%K verification research
%K information
%K security
%K based
%K verification
%K effectiveness
%K system-related
%K alert information
%K monitoring information
%K system state
%K vulnerability information
%K depth
%K method
%K utilization
%K analysis
%K verification algorithm
%K problem
%K effect
%U http://www.alljournals.cn/get_abstract_url.aspx?pcid=5B3AB970F71A803DEACDC0559115BFCF0A068CD97DD29835&cid=8240383F08CE46C8B05036380D75B607&jid=831E194C147C78FAAFCC50BC7ADD1732&aid=14E16CBD27430512711BEDD5AE09383A&yid=A732AF04DDA03BB3&vid=DB817633AA4F79B9&iid=5D311CA918CA9A03&sid=B37991020B552F70&eid=E1E3BF53C3583450&journal_id=1001-9081&journal_name=计算机应用&referenced_num=0&reference_num=4