Sites Inria

Version française


Project team Cidre, Inria Rennes - Bretagne Atlantique -

ABC: Automaton Based Online Correlation

This demonstration illustrates the algorithms used to correlate security alerts.

The purpose of this demonstration is to illustrate the algorithms used to correlate security alerts emitted by Intrusion Detection Systems and sensors, in order to detect multi-step attack scenarios. This prototype has been developed in the context of the FP7 PANOPTESEC European project. The demonstration will focus on the visualisation of the internals of the correlator (i.e., its internal data structures, how this internal state evolve when alerts are received).

  • Team : Cidre
  • Partners  : INRIA, SUPELEC (RENNES), CNRS, UNIVERSITÉ RENNES 1 / dans le cadre du projet EU FP7 Panoptesec

Keywords: Security Alert correlation Intrusion detection Supervision