Panacea: Automating Attack Classification for Anomaly-based Network Intrusion Detection Systems

D. Bolzoni; Sandro Etalle; Pieter H. Hartel

Panacea: Automating Attack Classification for Anomaly-based Network Intrusion Detection Systems

D. Bolzoni, Sandro Etalle, Pieter H. Hartel

Research output: Book/Report › Report › Other research output

80 Downloads (Pure)

Abstract

Anomaly-based intrusion detection systems are usually criticized because they lack a classication of attack, thus security teams have to manually inspect any raised alert to classify it. We present a new approach, Panacea, to automatically and systematically classify attacks detected by an anomaly-based network intrusion detection system.

Original language	Undefined
Place of Publication	Enschede
Publisher	Centre for Telematics and Information Technology (CTIT)
Number of pages	21
Publication status	Published - 2009

Publication series

Name
Publisher	Centre for Telematics and Information Technology, University of Twente
No.	TR-CTI
ISSN (Print)	1381-3625

Keywords

IR-65446
Attack classication
anomaly-based intrusion detection systems

Access to Document

bh09

Cite this

@book{fec78e10dfb143b19e5809eb7108ed1e,

title = "Panacea: Automating Attack Classification for Anomaly-based Network Intrusion Detection Systems",

abstract = "Anomaly-based intrusion detection systems are usually criticized because they lack a classication of attack, thus security teams have to manually inspect any raised alert to classify it. We present a new approach, Panacea, to automatically and systematically classify attacks detected by an anomaly-based network intrusion detection system.",

keywords = "IR-65446, Attack classication, anomaly-based intrusion detection systems",

author = "D. Bolzoni and Sandro Etalle and Hartel, {Pieter H.}",

note = "The work is patent pending. ",

year = "2009",

language = "Undefined",

publisher = "Centre for Telematics and Information Technology (CTIT)",

number = "TR-CTI",

address = "Netherlands",

}

TY - BOOK

T1 - Panacea: Automating Attack Classification for Anomaly-based Network Intrusion Detection Systems

AU - Bolzoni, D.

AU - Etalle, Sandro

AU - Hartel, Pieter H.

N1 - The work is patent pending.

PY - 2009

Y1 - 2009

N2 - Anomaly-based intrusion detection systems are usually criticized because they lack a classication of attack, thus security teams have to manually inspect any raised alert to classify it. We present a new approach, Panacea, to automatically and systematically classify attacks detected by an anomaly-based network intrusion detection system.

AB - Anomaly-based intrusion detection systems are usually criticized because they lack a classication of attack, thus security teams have to manually inspect any raised alert to classify it. We present a new approach, Panacea, to automatically and systematically classify attacks detected by an anomaly-based network intrusion detection system.

KW - IR-65446

KW - Attack classication

KW - anomaly-based intrusion detection systems

M3 - Report

BT - Panacea: Automating Attack Classification for Anomaly-based Network Intrusion Detection Systems

PB - Centre for Telematics and Information Technology (CTIT)

CY - Enschede

ER -