Intrusion detection is one of the important aspects of computer security. Many commercial intrusion detection systems (IDSs) are available and are widely used by organizations. However, most of them suffer from a high false alarm rate, which adds a heavy workload for the security officers who are responsible for handling the alarms. In this paper, we propose a new method to reduce the number of false alarms. We model the normal alarm patterns of IDSs and detect anomalies in incoming alarm streams using a k-nearest-neighbor classifier. Preliminary experiments show that our approach successfully reduces up to 93% of false alarms generated by a famous IDS.