Panacea: Automating Attack Classification for Anomaly-based Network Intrusion Detection Systems

D. Bolzoni, Sandro Etalle, Pieter H. Hartel

    Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

    Abstract

    Anomaly-based intrusion detection systems are usually criticized because they lack a classification of attack; thus security teams have to manually inspect any raised alert to classify it. We present a new approach, Panacea, to automatically and systematically classify attacks detected by an anomaly-based network intrusion detection system.
    Original language: Undefined
    Title of host publication: Recent Advances in Intrusion Detection (RAID)
    Editors: E. Kirda, S. Jha, D. Balzarotti
    Place of Publication: Heidelberg
    Publisher: Springer
    Pages: 1-20
    Number of pages: 21
    ISBN (Print): 978-3-642-04341-3
    DOIs: https://doi.org/10.1007/978-3-642-04342-0_1
    Publication status: Published - Sep 2009

    Publication series

    Name: Lecture Notes in Computer Science
    Publisher: Springer Verlag
    Volume: 5758

    Keywords

    • METIS-264059
    • IR-68138
    • SCS-Cybersecurity
    • attack classification
    • EWI-16130
    • anomaly-based intrusion detection systems

    Cite this

    Bolzoni, D., Etalle, S., & Hartel, P. H. (2009). Panacea: Automating Attack Classification for Anomaly-based Network Intrusion Detection Systems. In E. Kirda, S. Jha, & D. Balzarotti (Eds.), Recent Advances in Intrusion Detection (RAID) (pp. 1-20). [10.1007/978-3-642-04342-0_1] (Lecture Notes in Computer Science; Vol. 5758). Heidelberg: Springer. https://doi.org/10.1007/978-3-642-04342-0_1