Title :
A SOM and Bayesian Network Architecture for Alert Filtering in Network Intrusion Detection Systems
Author :
Faour, Ahmad ; Leray, Philippe ; Eter, Bassam
Author_Institution :
Lab. LITIS, INSA, Rouen
Abstract :
With the ever-growing deployment of networks and the Internet, the importance of network security has increased. Recently, however, systems that detect intrusions, which are important in security countermeasures, have been unable to provide proper analysis or an effective defense mechanism. Instead, they have overwhelmed human operators with a large volume of intrusion detection alerts. This paper presents a new approach for handling intrusion detection alarms more efficiently. We propose here an architecture for automated alarm filtering based on a classical method of clustering (self-organizing maps) coupled with a probabilistic graphical model (Bayesian belief networks) for determining if the network is really attacked.
Keywords :
Internet; belief networks; pattern clustering; probability; security of data; self-organising feature maps; telecommunication computing; Bayesian belief networks; Bayesian network architecture; Internet; automated alarm filtering; clustering; network intrusion detection systems; network security; probabilistic graphical model; self-organizing maps; Association rules; Bayesian methods; Data mining; Electronic mail; Graphical models; Humans; IP networks; Information filtering; Information filters; Intrusion detection; Bayesian Networks and Alarms Filtering; Clustering; Intrusion Detection; Network Security;
Conference_Title :
Information and Communication Technologies, 2006. ICTTA '06. 2nd
Conference_Location :
Damascus
Print_ISBN :
0-7803-9521-2
DOI :
10.1109/ICTTA.2006.1684924