METHOD FOR MANAGING A SET OF ALARMS EMITTED BY SENSORS FOR DETECTING INTRUSIONS OF A INFORMATION SECURITY SYSTEM

摘要

The invention relates to a method for managing a set of alarms emitted by intrusion detecting sensors (11a, 11b, 11c) of an information security system (1) comprising an alarm managing system (13), wherein each alarm is identified by an alarm identifier and an alarm content consisting in assigning a description comprising a conjunction of a plurality of valued attributes allocated to a plurality of attribute ranges to each alarm emitted by said intrusion detecting sensors (11a, 11b, 11c), organising the valued attributes allocated to each attribute range into a taxonomic structure defining generalisation ratios between said valued attributes and the plurality of attribute ranges forming the structure of taxonomic structures, completing the description of each said alarm by a set of values induced by the taxonomic structures from the valued attribute of said alarms in order to form completed alarms and in storing said completed alarms in a logic files (21) in such a way that it is possible to reference thereon.