A new distributed IDS based on CVSS framework
Abstract
The objective of this paper is to describe a new distributed Intrusion Detection System (IDS) based on the CVSS framework. This new platform uses a wide set of classical IDSs and detection entities. This distributed IDS aims to improve the discovery of anomalies by reducing the rate of false positives and false negatives. Entities correlate the different alerts emitted by local probes. The severity of anomalies is evaluated using a cumulative score of the alert scores.