计算机科学 2005
Application of Bayesian Correlation Arithmetic to Distributed Intrusion Detection System
Abstract:
Based on an analysis of multiple-source event correlation in distributed intrusion detection, we introduce a framework for real-time event gathering and correlation analysis built on multiple distributed intrusion detection sensors. Using Bayesian correlation arithmetic, we process the events with steps such as filtering, reducing, and formatting. Finally, we provide unified, formatted evidence based on IDMEF to an upper-level model, which deduces whether an attack is real. The framework has been applied in our project under the Science and Technology Key Project of the National Ministry of Education.