• DocumentCode
    437622
  • Title

    A memory-based learning approach to reduce false alarms in intrusion detection

  • Author

    Weon, Ill-Young ; Song, Doo Heon ; Lee, Chang-Hoo ; Heo, Young-Jun ; Kim, Ki-Young

  • Author_Institution
    Dept. of Comput. Eng., Kon-Kuk Univ., Seoul
  • Volume
    1
  • fYear
    0
  • fDate
    0-0 0
  • Firstpage
    241
  • Lastpage
    245
  • Abstract
    Signature-based IDS is known to have acceptable accuracy but suffers from high rates of false alarms. We show a behavior-based alarm reduction using a memory-based machine learning technique, the instance-based learner (IBL). Our extended form of IBL (XIBL) examines each SNORT alarm signal to decide whether that signal is worth sending to the security manager. A preliminary experiment shows that there exists an apparent difference between true alarms and false alarms with respect to XIBL behavior, and the full experiment successfully exhibits the power of the hybrid system if there is a rich set of analyzed data such as the DARPA 1998 data set we used.
  • Keywords
    computer network management; learning (artificial intelligence); telecommunication security; false alarm reduction; instance-based learning; intrusion detection; memory-based machine learning technique; network security; Association rules; Computer network management; Computer security; Data mining; Data security; Information security; Intrusion detection; Machine learning; Resource management; Telecommunication computing;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Advanced Communication Technology, 2005, ICACT 2005. The 7th International Conference on
  • Conference_Location
    Phoenix Park
  • Type

    conf

  • DOI
    10.1109/ICACT.2005.245836
  • Filename
    1461779