A Framework to Collect Security Events for Intrusion Analysis

It becomes a problem when you have several firewalls, intrusion sensors, or servers and, to top it off, not all firewalls and intrusion sensors generate logs in a standard format. This means you may need several tools to analyze the data, maybe even one tool per device per vendor. This can be a mess....
Jim Chrisos
April 3, 2006
