Anomaly-based intrusion detection systems are usually criticized because they lack a classification of attacks, so security teams have to manually inspect every raised alert to classify it. We present a new approach, Panacea, to automatically and systematically classify attacks detected by an anomaly-based network intrusion detection system.
| Field | Value |
|---|---|
| Place of Publication | Enschede |
| Number of pages | 21 |
| Publication status | Published - 2009 |
| Name | CTIT Technical Report |
Bolzoni, D., Etalle, S., & Hartel, P. H. (2009). Panacea: Automating attack classification for anomaly-based network intrusion detection systems. (CTIT Technical Report; Vol. TR-CTIT-09-10). Universiteit Twente.