Abstract | ||
---|---|---|
Purpose - The purpose of this paper is to show how to ensure real-time, precise aggregation processing of network security events without parameters that are difficult to determine. Design/methodology/approach - The aggregation method includes the choice of aggregation granularity, consistency of abstraction layer, the expression of all hyper security events (HSEs) of a node in cache, and an aggregation algorithm based on classification, etc. Findings - The aggregation method is capable of providing, in real time, good HSEs for the next correlation processing, with weak parameters that are easy to determine. Research limitations/implications - The cost of space is not discussed in the method. Practical implications - The aggregation method is suitable for real-time management of the difficult issue of resolving massive security events. Originality/value - Many ideas and concepts of the paper are proposed for the first time, such as the expression of all HSEs of a node in cache, weak queue length instead of the weak-time window and so on. |

Year | DOI | Venue |
---|---|---|
2011 | 10.1108/03684921111142467 | KYBERNETES |

Keywords | Field | DocType |
---|---|---|
Cybernetics, Correlation analysis, Network operating systems, Data security, Process management | Data security, Cache, Computer science, Network security, Queue, Granularity, Abstraction layer, Correlation analysis, Cybernetics, Distributed computing | Journal |

Volume | Issue | ISSN |
---|---|---|
40 | 5-6 | 0368-492X |

Citations | PageRank | References |
---|---|---|
0 | 0.34 | 3 |

Authors | ||
---|---|---|
5 |

Name | Order | Citations | PageRank |
---|---|---|---|
Zhitang Li | 1 | 226 | 31.89 |
Yang-Ming Ma | 2 | 6 | 2.02 |
Li Wang | 3 | 250 | 15.76 |
Jie Lei | 4 | 0 | 1.69 |
Jie Ma | 5 | 2 | 1.06 |