Introducing a New Alert Data Set for Multi-Step Attack Analysis. (arXiv:2308.12627v1 [cs.CR])
cs.CR updates on arXiv.org arxiv.org
Intrusion detection systems (IDS) reinforce cyber defense by autonomously
monitoring various data sources for traces of attacks. However, IDSs are also
infamous for frequently raising false positives and alerts that are difficult
to interpret without context. This results in high workloads on security
operators who need to manually verify all reported alerts, often leading to
fatigue and incorrect decisions. To generate more meaningful alerts and
alleviate these issues, the research domain focused on multi-step attack
analysis proposes approaches for filtering, …