Title :
False Alert Reduction on Network-Based Intrusion Detection Systems by Means of Feature Frequencies
Author :
Khanchi, Sara ; Adibnia, Fazlollah
Author_Institution :
Electr. & Comput. Eng., Yazd Univ., Yazd, Iran
Abstract :
The Internet grows day by day, and so does the complexity of its security. Different types of people all around the world use the Internet in their daily routine tasks. Internet and network security challenges make the use of more efficient and complicated defense tools such as Intrusion Detection Systems (IDSs) vital. Nowadays, attempts to solve IDS problems are under consideration. One of the deficiencies of current commercial IDSs is the huge number of alerts. Most generated IDS alerts are related to benign events, which overwhelm the analyst. In this paper we try to reduce the number of IDS false alerts and filter out those with high scores to decrease analyst workload. Our approach is evaluated on the DARPA 2000 dataset and its efficiency has been shown.
Keywords :
Internet; computer network security; IDS false alerts reduction; Internet security; network based intrusion detection system; Computer networks; Computer security; Control systems; Filters; Frequency; Internet; Intrusion detection; Power system security; Telecommunication computing; Telecommunication control; False alert; Frequency; Hash table; Intrusion detection system;
Conference_Title :
Advances in Computing, Control, & Telecommunication Technologies, 2009. ACT '09. International Conference on
Conference_Location :
Trivandrum, Kerala
Print_ISBN :
978-1-4244-5321-4
Electronic_ISBN :
978-0-7695-3915-7
DOI :
10.1109/ACT.2009.221