Panacea: Automating Attack Classification for Anomaly-based Network Intrusion Detection Systems

D. Bolzoni, Sandro Etalle, Pieter H. Hartel

    Research output: Book/ReportReportProfessional

    20 Citations (Scopus)
    46 Downloads (Pure)

    Abstract

    Anomaly-based intrusion detection systems are usually criticized because they lack a classication of attack, thus security teams have to manually inspect any raised alert to classify it. We present a new approach, Panacea, to automatically and systematically classify attacks detected by an anomaly-based network intrusion detection system.
    Original languageUndefined
    Place of PublicationEnschede
    PublisherCentre for Telematics and Information Technology (CTIT)
    Number of pages21
    Publication statusPublished - 2009

    Publication series

    NameCTIT Technical Report Series
    No.TR-CTIT-09-10
    ISSN (Print)1381-3625

    Keywords

    • EWI-15424
    • anomaly-based intrusion detection systems
    • Attack classication
    • METIS-263879
    • SCS-Cybersecurity

    Cite this