Auto-validation of security alerts
Have you ever had a virus on your computer?
This project is about investigating such threats to a larger system to automatically validate the alerts generated by an Intrusion Detection System. In the current day, responses to threats are slow and leave the system vulnerable.
This project aims to create an analyser which can automatically validate and generate context about alerts, without human intervention, through current Artificial Intelligence techniques. Using previously gathered threat intelligence data, multiple classifiers will be built to organise related data. Using these classifiers, a validator will be built to analyse the alerts and choose the appropriate classifier to validate the output.
We present a system which can digest large amounts of alerts and is able to accurately identify a real alert to gain context about the alert - making the life of a security analyst easier.
Securing our future