• DocumentCode
    2830232
  • Title

    A Hierarchical Alarm Processing Model for Intrusion Detection System

  • Author

    Lizhong Xiao ; YunXiang Liu ; Zhongdai Wu

  • Author_Institution
    Dept. of Comput. Sci. & Inf. Eng., Shanghai Inst. of Technol., Shanghai, China
  • fYear
    2009
  • fDate
    19-20 Dec. 2009
  • Firstpage
    1
  • Lastpage
    4
  • Abstract
    For the alarm flooding problem, a hierarchical alarm processing model is studied to filter, reduce and correlate alarms. In filtering, false alarms are eliminated with a repository. In reduction, a reduction algorithm is designed to remove the duplicate alarms in real time. In correlation, a frequent episodes algorithm is implemented on training data to help the clustering-based correlation algorithm find the intrusion patterns. Through the above processing, the false and invalid alarms are eliminated, which eases the network system's and administrator's burden. Meanwhile, intrusion patterns can be found and alarm prediction can be reported. Experimental results show the model is effective.
  • Keywords
    security of data; alarm flooding problem; clustering-based correlation algorithm; hierarchical alarm processing model; intrusion detection system; Clustering algorithms; Computer science; Computer science education; Educational technology; Filters; Floods; Information filtering; Information systems; Intrusion detection; Mobile computing;
  • fLanguage
    English
  • Publisher
    IEEE
  • Conference_Titel
    Information Engineering and Computer Science, 2009. ICIECS 2009. International Conference on
  • Conference_Location
    Wuhan
  • Print_ISBN
    978-1-4244-4994-1
  • Type

    conf

  • DOI
    10.1109/ICIECS.2009.5364079
  • Filename
    5364079