Anomaly-based intrusion detection systems are usually criticized because they lack a classication of attack, thus security teams have to manually inspect any raised alert to classify it. We present a new approach, Panacea, to automatically and systematically classify attacks detected by an anomaly-based network intrusion detection system.
|Name||Lecture Notes in Computer Science|
|Conference||Recent Advances in Intrusion Detection|
|Period||1/09/09 → 1/09/09|
- attack classification
- anomaly-based intrusion detection systems