Over the last decade, intrusion detection systems (IDSs) have become a widely used security management measure. However, these systems often generate many false positives and irrelevant alerts. In this paper, we propose a data-mining-based real-time method for distinguishing important network IDS alerts from frequently occurring false positives and events of low importance. Unlike conventional data-mining-based approaches, our method is fully automated and adjusts to changes in the environment without human intervention.
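The abstract describes the goal but not the mechanism. The following is an added illustration of the general idea, written for this page and not the authors' algorithm: frequent attribute-value patterns are mined from a sliding window of recent alerts, an incoming alert that matches a pattern which is both frequent and recurring across time buckets is labelled low importance, and the pattern set is re-mined periodically so that noise which stops occurring ages out and newly recurring noise is learned without an operator. The alert feed, signature names, hosts, thresholds and window sizes are all constructed for the example.

```python
from collections import Counter, defaultdict
from dataclasses import dataclass
from itertools import combinations


@dataclass(frozen=True)
class Alert:
    ts: int      # Unix time, seconds
    sig: str     # IDS signature name
    src: str     # source IP
    dst: str     # destination IP
    dport: int   # destination port


FIELDS = ("sig", "src", "dst", "dport")


def subpatterns(alert):
    """Attribute-value patterns of an alert that contain the signature plus at
    least one more attribute, e.g. (('sig', 'X'), ('src', '10.0.0.9'))."""
    items = tuple((f, getattr(alert, f)) for f in FIELDS)
    for k in range(2, len(items) + 1):
        for combo in combinations(items, k):
            if combo[0][0] == "sig":      # items are ordered, so sig is first if present
                yield combo


def mine_frequent_patterns(alerts, min_support, min_buckets, bucket_secs):
    """Patterns seen at least min_support times AND in at least min_buckets
    distinct time buckets: frequent and recurring, not one burst."""
    support = Counter()
    buckets = defaultdict(set)
    for a in alerts:
        for p in subpatterns(a):
            support[p] += 1
            buckets[p].add(a.ts // bucket_secs)
    return {p for p, n in support.items()
            if n >= min_support and len(buckets[p]) >= min_buckets}


class AlertClassifier:
    """Labels alerts that match a frequent recurring pattern as 'low'.
    The pattern set is re-mined every refresh_secs from the last history_secs
    of alerts, so the model follows the environment (hypothetical parameters)."""

    def __init__(self, history_secs=3600, refresh_secs=600,
                 min_support=5, min_buckets=3, bucket_secs=300):
        self.history_secs = history_secs
        self.refresh_secs = refresh_secs
        self.mine_args = (min_support, min_buckets, bucket_secs)
        self.history = []
        self.patterns = set()
        self.last_refresh = None

    def classify(self, alert):
        if self.last_refresh is None:
            self.last_refresh = alert.ts
        elif alert.ts - self.last_refresh >= self.refresh_secs:
            self._refresh(alert.ts)
        self.history.append(alert)
        matched = any(p in self.patterns for p in subpatterns(alert))
        return "low" if matched else "important"

    def _refresh(self, now):
        cutoff = now - self.history_secs
        self.history = [a for a in self.history if a.ts >= cutoff]   # age out old alerts
        self.patterns = mine_frequent_patterns(self.history, *self.mine_args)
        self.last_refresh = now


def constructed_alerts():
    """Constructed sample feed, not real IDS output."""
    alerts = []
    # Noise: a scanner triggers the same signature against one host every minute for two hours
    for ts in range(0, 7200, 60):
        alerts.append(Alert(ts, "SNMP public community", "10.0.0.9", "10.0.1.20", 161))
    # A rare alert buried in the noise
    alerts.append(Alert(3605, "SQL injection attempt", "203.0.113.7", "10.0.1.30", 443))
    # Environment change: the scanner stops and a monitoring host starts a new noise stream
    for ts in range(7200, 14400, 60):
        alerts.append(Alert(ts, "ICMP large packet", "10.0.0.12", "10.0.1.20", 0))
    alerts.append(Alert(12005, "SQL injection attempt", "203.0.113.7", "10.0.1.30", 443))
    return sorted(alerts, key=lambda a: a.ts)


def run_demo():
    """Returns the verdict per (ts, sig) and the signatures still in the model at the end."""
    clf = AlertClassifier()
    verdicts = {}
    for a in constructed_alerts():
        verdicts[(a.ts, a.sig)] = clf.classify(a)
    learned_sigs = {dict(p)["sig"] for p in clf.patterns}
    return verdicts, learned_sigs


if __name__ == "__main__":
    verdicts, learned = run_demo()
    print(sum(v == "important" for v in verdicts.values()), "alerts kept,", learned, "learned as noise")
```

Two properties of any such scheme are visible in the run: a cold-start and adaptation lag (the first alerts of a new noise stream are passed through as important until enough time buckets have accumulated), and the risk that an attacker who repeats the same alert at a steady rate gets learned as noise, which is why the recurring-pattern threshold should be paired with review of what was learned.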