A novel real‐time aggregation method on network security events

Zhitang Li (School of Computer Science and Technology, Huazhong University of Science and Technology, Wuhan, China and Network Center, Huazhong University of Science and Technology, Wuhan, China)
Yangming Ma (School of Computer Science and Technology, Huazhong University of Science and Technology, Wuhan, China and Network Center, Huazhong University of Science and Technology, Wuhan, China)
Li Wang (School of Computer Science and Technology, Huazhong University of Science and Technology, Wuhan, China and Network Center, Huazhong University of Science and Technology, Wuhan, China)
Jie Lei (School of Computer Science and Technology, Huazhong University of Science and Technology, Wuhan, China and Network Center, Huazhong University of Science and Technology, Wuhan, China)
Jie Ma (School of Computer Science and Technology, Huazhong University of Science and Technology, Wuhan, China and Network Center, Huazhong University of Science and Technology, Wuhan, China)

Kybernetes

ISSN: 0368-492X

Article publication date: 14 June 2011

Abstract

Purpose

The purpose of this paper is to show how to ensure real‐time, precise aggregation processing of network security events without parameters that are difficult to determine.

Design/methodology/approach

The aggregation method includes the choice of aggregation granularity, consistency of the abstraction layer, the expression of all hyper security events (HSEs) of a node in cache, and an aggregation algorithm based on classification, etc.

Findings

The aggregation method is capable of providing, in real time, good HSEs for subsequent correlation processing, with weak parameters that are easy to determine.

Research limitations/implications

The cost of space is not discussed in the method.

Practical implications

The aggregation method is suited to the difficult problem of managing massive numbers of security events in real time.

Originality/value

Many ideas and concepts of the paper are proposed for the first time, such as the expression of all HSEs of a node in cache, weak queue length instead of the weak‐time window and so on.

Citation

Li, Z., Ma, Y., Wang, L., Lei, J. and Ma, J. (2011), "A novel real‐time aggregation method on network security events", Kybernetes, Vol. 40 No. 5/6, pp. 912-920. https://doi.org/10.1108/03684921111142467

Publisher

Emerald Group Publishing Limited

Copyright © 2011, Emerald Group Publishing Limited
