An Alert Fusion Method Based on Grey Relation and Attribute Similarity Correlation

Authors

  • Wei Liang Department of Software Engineering, Xiamen University of Technology
  • Zuo Chen College of Computer Science and Electronic Engineering, Hunan University
  • Ya Wen College of Computer Science and Electronic Engineering, Hunan University
  • Weidong Xiao Department of Software Engineering, Xiamen University of Technology

DOI:

https://doi.org/10.3991/ijoe.v12i08.5958

Keywords:

Grey correlation analysis, Attribute similarity, Aggregation, Hyper alerts

Abstract


Security devices that produce large volumes of logs and alerts are now widely used, and analyzing and handling this information is a troublesome, time-consuming task for network managers. This paper presents an improved alert aggregation method based on grey correlation and attribute similarity. We use grey correlation to ascertain the importance of each alert attribute in network security and take it as that attribute's weight. We then combine these weights with the attribute similarity method and calculate the overall feature similarity in order to complete alert aggregation. Experimental results show that this method has a strict mathematical basis and a higher practical value, and that it can effectively reduce raw alerts and redundancy in alert data fusion.
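The pipeline the abstract outlines (grey relational weights per attribute, then a weighted overall similarity that drives aggregation into hyper alerts) can be sketched as follows; this is an added example, not the authors' code, and the paper's own formulas are not reproduced on this page. Assumptions: the standard grey relational grade with distinguishing coefficient 0.5, analyst relatedness labels as the reference sequence, the per-attribute similarity functions, the 60-second window, the 0.8 threshold, greedy grouping, and all sample data, which is constructed.

```python
import ipaddress

RHO, WINDOW = 0.5, 60.0  # assumed: distinguishing coefficient, time window in seconds
# Constructed sample: analyst label per alert pair and each attribute's similarity for that pair.
REFERENCE = [1.0, 1.0, 0.0, 0.0]
FACTORS = {"src": [1.0, 0.75, 0.5, 0.25], "dst": [1.0, 1.0, 0.25, 0.0],
           "sig": [1.0, 1.0, 0.0, 0.0], "time": [0.9, 0.5, 0.6, 0.1]}
# Constructed raw alerts (documentation address ranges).
ALERTS = [
    {"src": "198.51.100.7", "dst": "192.0.2.10", "sig": "ssh-bruteforce", "t": 0},
    {"src": "198.51.100.7", "dst": "192.0.2.10", "sig": "ssh-bruteforce", "t": 5},
    {"src": "198.51.100.9", "dst": "192.0.2.10", "sig": "ssh-bruteforce", "t": 12},
    {"src": "203.0.113.50", "dst": "192.0.2.20", "sig": "sql-injection", "t": 15},
    {"src": "203.0.113.50", "dst": "192.0.2.20", "sig": "sql-injection", "t": 40}]

def grey_weights(reference, factors, rho=RHO):
    """Grey relational grade of each attribute vs. the reference, normalised to sum to 1."""
    deltas = {k: [abs(r - x) for r, x in zip(reference, seq)] for k, seq in factors.items()}
    flat = [d for ds in deltas.values() for d in ds]
    dmin, dmax = min(flat), max(flat)
    if dmax == 0:  # every attribute tracks the reference exactly: equal weights
        return {k: 1 / len(factors) for k in factors}
    grades = {k: sum((dmin + rho * dmax) / (d + rho * dmax) for d in ds) / len(ds)
              for k, ds in deltas.items()}
    return {k: g / sum(grades.values()) for k, g in grades.items()}

def ip_sim(a, b):  # fraction of leading bits two IPv4 addresses share
    x = int(ipaddress.IPv4Address(a)) ^ int(ipaddress.IPv4Address(b))
    return (32 - x.bit_length()) / 32

def overall_sim(a, b, w):
    """Weighted sum of per-attribute similarities between two alerts."""
    sims = {"src": ip_sim(a["src"], b["src"]),
            "dst": ip_sim(a["dst"], b["dst"]),
            "sig": 1.0 if a["sig"] == b["sig"] else 0.0,
            "time": max(0.0, 1 - abs(a["t"] - b["t"]) / WINDOW)}
    return sum(w[k] * s for k, s in sims.items())

def aggregate(alerts, w, threshold=0.8):
    """Greedy fusion: an alert joins the first hyper alert whose latest member is similar enough."""
    hyper = []
    for al in sorted(alerts, key=lambda x: x["t"]):
        for group in hyper:
            if overall_sim(group[-1], al, w) >= threshold:
                group.append(al)
                break
        else:
            hyper.append([al])
    return hyper
```

With the constructed data, `aggregate(ALERTS, grey_weights(REFERENCE, FACTORS))` reduces five raw alerts to two hyper alerts, and the signature attribute receives the largest weight because its similarity tracks the analyst labels most closely.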

Author Biographies

Wei Liang, Department of Software Engineering, Xiamen University of Technology

W. Liang is with the Department of Software Engineering, Xiamen University of Technology

Zuo Chen, College of Computer Science and Electronic Engineering, Hunan University

Z. Chen is with College of Computer Science and Electronic Engineering, Hunan University

Ya Wen, College of Computer Science and Electronic Engineering, Hunan University

Y. Wen is with College of Computer Science and Electronic Engineering, Hunan University

Weidong Xiao, Department of Software Engineering, Xiamen University of Technology

W. Xiao is with the Department of Software Engineering, Xiamen University of Technology

Published

2016-08-30

How to Cite

Liang, W., Chen, Z., Wen, Y., & Xiao, W. (2016). An Alert Fusion Method Based on Grey Relation and Attribute Similarity Correlation. International Journal of Online and Biomedical Engineering (iJOE), 12(08), pp. 25–30. https://doi.org/10.3991/ijoe.v12i08.5958

Section

Papers