
Hierarchical clustering and visualization of aggregate cyber data

5 Author(s)
Patton, R.M. (Appl. Software Eng. Res., Oak Ridge Nat. Lab., Oak Ridge, TN, USA); Beaver, J.M.; Steed, C.A.; Potok, T.E.

Most commercial intrusion detection systems (IDS) can produce a very high volume of alerts, and are typically plagued by a high false positive rate. The approach described here uses Splunk to aggregate IDS alerts. The aggregated IDS alerts are retrieved from Splunk programmatically, clustered using text analysis, and visualized using a sunburst diagram to provide an additional understanding of the data. Obtaining the equivalent of what the cluster analysis and visualization provide would require numerous detailed Splunk queries and considerable manual effort.
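As an added illustration (not code from the paper or its authors), the pipeline the abstract describes can be sketched in standard-library Python: aggregated alert signatures are turned into bags of words, grouped by average-linkage agglomerative clustering on Jaccard distance, and nested into the name/value/children hierarchy a sunburst diagram consumes. The sample alerts, the Jaccard and average-linkage choices, and the 0.75 threshold are assumptions of this example, not details from the paper.

```python
import re
from itertools import combinations

# Constructed sample of aggregated IDS alerts (signature text, hit count), standing
# in for what a programmatic Splunk query would return. Not data from the paper.
ALERTS = [
    ("SCAN nmap scripting engine user-agent detected", 120),
    ("SCAN potential ssh scan outbound", 80),
    ("SCAN potential vnc scan outbound", 15),
    ("POLICY pe exe or dll windows file download", 40),
    ("POLICY windows executable download over http", 9),
    ("TROJAN zeus bot request", 3),
]

def tokens(text):
    """Bag-of-words representation of one alert signature."""
    return frozenset(re.findall(r"[a-z0-9]+", text.lower()))

def jaccard_distance(a, b):
    """1 - |a & b| / |a | b|; 0 for identical bags, 1 for disjoint ones."""
    return 1.0 - len(a & b) / len(a | b)

def cluster_alerts(alerts, threshold=0.75):
    """Average-linkage agglomerative clustering on Jaccard distance (an assumed
    choice). Returns a list of clusters, each a list of indices into `alerts`;
    merging stops once the closest pair of clusters is farther than `threshold`."""
    toks = [tokens(sig) for sig, _ in alerts]
    clusters = [[i] for i in range(len(alerts))]
    while len(clusters) > 1:
        best = None
        for x, y in combinations(range(len(clusters)), 2):
            d = sum(jaccard_distance(toks[i], toks[j]) for i in clusters[x] for j in clusters[y])
            d /= len(clusters[x]) * len(clusters[y])
            if best is None or d < best[0]:
                best = (d, x, y)
        if best[0] > threshold:
            break
        _, x, y = best
        clusters[x] = clusters[x] + clusters[y]
        del clusters[y]
    return clusters

def sunburst_tree(alerts, threshold=0.75):
    """Nest clusters into the {name, value, children} shape that sunburst
    libraries (e.g. d3.hierarchy) expect: root -> cluster -> alert signature.
    A multi-member cluster is labelled by the tokens all its members share."""
    children = []
    for members in cluster_alerts(alerts, threshold):
        shared = frozenset.intersection(*(tokens(alerts[i][0]) for i in members))
        name = " ".join(sorted(shared)) if len(members) > 1 else alerts[members[0]][0]
        leaves = [{"name": alerts[i][0], "value": alerts[i][1]} for i in members]
        children.append({"name": name, "value": sum(leaf["value"] for leaf in leaves), "children": leaves})
    children.sort(key=lambda c: -c["value"])  # biggest arc first, as a sunburst usually shows it
    return {"name": "ids alerts", "value": sum(c["value"] for c in children), "children": children}
```

With the constructed alerts, the two "potential ... scan outbound" signatures and the two "POLICY ... windows ... download" signatures each collapse into one arc, while the nmap and trojan alerts stay as singletons.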

Published in: Wireless Communications and Mobile Computing Conference (IWCMC), 2011 7th International

Date of Conference: 4-8 July 2011