Development of Threat Evaluation Tool for Distributed Network Environment

Keun Hee Han; Il Gon Kim; Kang Won Lee; Jin Young Choi; Sang Hun Jeon

Development of Threat Evaluation Tool for Distributed Network Environment

Authors

Keun Hee Han
Il Gon Kim
Kang Won Lee
Jin Young Choi
Sang Hun Jeon

Keywords:

ESM (Enterprise Security Management), SIM (Security Information Management), SIA (Security Information Alert), IDS (Intrusion Detection System)

Abstract

Current information protection systems only detect and warn against individual intrusion, and are not able to provide a collective and synthesized alert message. In this paper, we propose a new Meta-IDS system which is called ``SIA System''. The SIA system can filter redundant alert messages, analyze mixed attacks using correlation alert messages from each sensor and respond to security threats quickly, after classifying them into one of four different statuses. Then we implement the SIA system and test the efficiency of it in the managed networks. Thus we confirm that the SIA system enables security managers to deal with security threats efficiently.

Downloads

Download data is not yet available.

Downloads

Published

2012-02-03

How to Cite

Han, K. H., Kim, I. G., Lee, K. W., Choi, J. Y., & Jeon, S. H. (2012). Development of Threat Evaluation Tool for Distributed Network Environment. COMPUTING AND INFORMATICS, 24(2), 109–121. Retrieved from https://www.cai.sk/ojs/index.php/cai/article/view/370

Download Citation

Issue

Vol. 24 No. 2 (2005): Computing and Informatics

Section

Articles

Development of Threat Evaluation Tool for Distributed Network Environment

Authors

Keywords:

Abstract

Downloads

Downloads

Published

How to Cite

Issue

Section

Most read articles by the same author(s)

Information

Make a Submission

Keywords