DocumentCode :
3081442
Title :
Real-time classification of IDS alerts with data mining techniques
Author :
Vaarandi, Risto
Author_Institution :
Cooperative Cyber Defence Centre of Excellence, Tallinn, Estonia
fYear :
2009
fDate :
18-21 Oct. 2009
Firstpage :
1
Lastpage :
7
Abstract :
During the last decade, intrusion detection systems (IDSs) have become a widely used measure for security management. However, these systems often generate many false positives and irrelevant alerts. In this paper, we propose a data mining based real-time method for distinguishing important network IDS alerts from frequently occurring false positives and events of low importance. Unlike conventional data mining based approaches, our method is fully automated and able to adjust to environment changes without human intervention.
Keywords :
data mining; pattern classification; security of data; data mining techniques; intrusion detection systems; real-time IDS alert classification; security management; Data mining; Data security; Event detection; Filtering; Filters; Humans; Intrusion detection; Monitoring; Telecommunication traffic; Testing;
fLanguage :
English
Publisher :
IEEE
Conference_Titel :
Military Communications Conference, 2009. MILCOM 2009. IEEE
Conference_Location :
Boston, MA
Print_ISBN :
978-1-4244-5238-5
Electronic_ISBN :
978-1-4244-5239-2
Type :
conf
DOI :
10.1109/MILCOM.2009.5379762
Filename :
5379762