Section: New Software and Platforms
GNG
Security Supervision by Alert Correlation
Keywords: Intrusion Detection Systems (IDS) - SIEM
Scientific Description
GNG is an intrusion detection system that correlates different sources (such as different logs) in order to identify attacks against the system. The attack scenarios are defined using the Attack Description Langage (ADeLe) proposed by our team, and are internally translated to attack recognition automatons. GNG intends to define time efficient algorithms based on these automatons to recognize complex attack scenarios.