On the use of different statistical tests for alert correlation - Short Paper

Authors :: Federico Maggi
Stefano Zanero
Source :: Scopus-Elsevier, Lecture Notes in Computer Science ISBN: 9783540743194, RAID
Publication Year :: 2007
Publisher :: Springer, 2007.
Abstract: In this paper we analyze the use of different types of statistical tests for the correlation of anomaly detection alerts. We show that the Granger Causality Test, one of the few proposals that can be extended to the anomaly detection domain, strongly depends on good choices of a parameter which proves to be both sensitive and difficult to estimate. We propose a different approach based on a set of simpler statistical tests, and we prove that our criteria work well on a simplified correlation task, without requiring complex configuration parameters.

Subjects :: Set (abstract data type)
Correlation
Granger causality
Computer science
Anomaly detection
Intrusion detection system
Data mining
computer.software_genre
INF
computer
Task (project management)
Domain (software engineering)
Statistical hypothesis testing

Language :: English
ISBN :: 978-3-540-74319-4
ISBNs :: 9783540743194
Database :: OpenAIRE
Journal :: Scopus-Elsevier, Lecture Notes in Computer Science ISBN: 9783540743194, RAID
Accession number :: edsair.doi.dedup.....23e461a415a0d755fbbe9e1a9b1f5a11

Tools