Extending intrusion alert quality framework (IAQF) with new data quality parameters
dc.contributor.author | Aik Kian, Eng | |
dc.date.accessioned | 2015-09-14T03:55:36Z | |
dc.date.available | 2015-09-14T03:55:36Z | |
dc.date.issued | 2008-06 | |
dc.description.abstract | Intrusion Alert Quality Framework (IAQF) is a framework designed to enhance and enrich IDS alerts with data quality. Its main purpose is to assist network and security engineers in making effective and efficient decisions about the security status of a particular host. IAQF enriches the alerts generated by an IDS/IPS with data quality scores (alive-correctness, os-correctness, service-correctness, etc.), which are used to quantify the alert score. The current IAQF data quality parameters are very limited and detect only a small number of attacks, so other malicious events may escape IAQF data quality verification. This thesis proposes an improvement to the existing IAQF by adding data quality parameters (rules, weights and formula) to address malicious events such as viruses, worms, backdoors and spyware. The extended IAQF was tested in three case studies and managed to identify 8% to 10% additional malicious alerts compared to the existing IAQF. The conclusion drawn from this research is that adding more data quality parameters to IAQF improves the identification of false alerts. | en_US |
dc.identifier.uri | http://hdl.handle.net/123456789/1182 | |
dc.language.iso | en | en_US |
dc.subject | Alert quality framework (IAQF) | en_US |
dc.subject | Data quality parameters | en_US |
dc.title | Extending intrusion alert quality framework (IAQF) with new data quality parameters | en_US |
dc.type | Thesis | en_US |