Panacea: Automating Attack Classification for Anomaly-based Network Intrusion Detection Systems

D. Bolzoni; Sandro Etalle; Pieter H. Hartel

doi:10.1007/978-3-642-04342-0_1

Panacea: Automating Attack Classification for Anomaly-based Network Intrusion Detection Systems

D. Bolzoni, Sandro Etalle, Pieter H. Hartel

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

891 Downloads (Pure)

Abstract

Anomaly-based intrusion detection systems are usually criticized because they lack a classication of attack, thus security teams have to manually inspect any raised alert to classify it. We present a new approach, Panacea, to automatically and systematically classify attacks detected by an anomaly-based network intrusion detection system.

Original language	Undefined
Title of host publication	Recent Advances in Intrusion Detection (RAID)
Editors	E. Kirda, S. Jha, D. Balzarotti
Place of Publication	Heidelberg
Publisher	Springer
Pages	1-20
Number of pages	21
ISBN (Print)	978-3-642-04341-3
DOIs	https://doi.org/10.1007/978-3-642-04342-0_1
Publication status	Published - Sep 2009
Event	Recent Advances in Intrusion Detection - Duration: 1 Sep 2009 → 1 Sep 2009

Publication series

Name	Lecture Notes in Computer Science
Publisher	Springer Verlag
Volume	5758

Conference

Conference	Recent Advances in Intrusion Detection
Period	1/09/09 → 1/09/09

Keywords

METIS-264059
IR-68138
SCS-Cybersecurity
attack classification
EWI-16130
anomaly-based intrusion detection systems

Access to Document

10.1007/978-3-642-04342-0_1

Cite this

Bolzoni, D., Etalle, S., & Hartel, P. H. (2009). Panacea: Automating Attack Classification for Anomaly-based Network Intrusion Detection Systems. In E. Kirda, S. Jha, & D. Balzarotti (Eds.), Recent Advances in Intrusion Detection (RAID) (pp. 1-20). [10.1007/978-3-642-04342-0_1] (Lecture Notes in Computer Science; Vol. 5758). Springer. https://doi.org/10.1007/978-3-642-04342-0_1

@inproceedings{d44b486ec713434c9e0d2e44cb63cd20,

title = "Panacea: Automating Attack Classification for Anomaly-based Network Intrusion Detection Systems",

abstract = "Anomaly-based intrusion detection systems are usually criticized because they lack a classication of attack, thus security teams have to manually inspect any raised alert to classify it. We present a new approach, Panacea, to automatically and systematically classify attacks detected by an anomaly-based network intrusion detection system.",

keywords = "METIS-264059, IR-68138, SCS-Cybersecurity, attack classification, EWI-16130, anomaly-based intrusion detection systems",

author = "D. Bolzoni and Sandro Etalle and Hartel, {Pieter H.}",

note = "The work is patent pending.; null ; Conference date: 01-09-2009 Through 01-09-2009",

year = "2009",

month = sep,

doi = "10.1007/978-3-642-04342-0_1",

language = "Undefined",

isbn = "978-3-642-04341-3",

series = "Lecture Notes in Computer Science",

publisher = "Springer",

pages = "1--20",

editor = "E. Kirda and S. Jha and D. Balzarotti",

booktitle = "Recent Advances in Intrusion Detection (RAID)",

}

Bolzoni, D, Etalle, S & Hartel, PH 2009, Panacea: Automating Attack Classification for Anomaly-based Network Intrusion Detection Systems. in E Kirda, S Jha & D Balzarotti (eds), Recent Advances in Intrusion Detection (RAID)., 10.1007/978-3-642-04342-0_1, Lecture Notes in Computer Science, vol. 5758, Springer, Heidelberg, pp. 1-20, Recent Advances in Intrusion Detection, 1/09/09. https://doi.org/10.1007/978-3-642-04342-0_1

Panacea: Automating Attack Classification for Anomaly-based Network Intrusion Detection Systems. / Bolzoni, D.; Etalle, Sandro; Hartel, Pieter H.

Recent Advances in Intrusion Detection (RAID). ed. / E. Kirda; S. Jha; D. Balzarotti. Heidelberg : Springer, 2009. p. 1-20 10.1007/978-3-642-04342-0_1 (Lecture Notes in Computer Science; Vol. 5758).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

TY - GEN

T1 - Panacea: Automating Attack Classification for Anomaly-based Network Intrusion Detection Systems

AU - Bolzoni, D.

AU - Etalle, Sandro

AU - Hartel, Pieter H.

N1 - The work is patent pending.

PY - 2009/9

Y1 - 2009/9

N2 - Anomaly-based intrusion detection systems are usually criticized because they lack a classication of attack, thus security teams have to manually inspect any raised alert to classify it. We present a new approach, Panacea, to automatically and systematically classify attacks detected by an anomaly-based network intrusion detection system.

AB - Anomaly-based intrusion detection systems are usually criticized because they lack a classication of attack, thus security teams have to manually inspect any raised alert to classify it. We present a new approach, Panacea, to automatically and systematically classify attacks detected by an anomaly-based network intrusion detection system.

KW - METIS-264059

KW - IR-68138

KW - SCS-Cybersecurity

KW - attack classification

KW - EWI-16130

KW - anomaly-based intrusion detection systems

U2 - 10.1007/978-3-642-04342-0_1

DO - 10.1007/978-3-642-04342-0_1

M3 - Conference contribution

SN - 978-3-642-04341-3

T3 - Lecture Notes in Computer Science

SP - 1

EP - 20

BT - Recent Advances in Intrusion Detection (RAID)

A2 - Kirda, E.

A2 - Jha, S.

A2 - Balzarotti, D.

PB - Springer

CY - Heidelberg

Y2 - 1 September 2009 through 1 September 2009

ER -