Classification of IDS Alerts with Data Mining Techniques
Authors
Abstract
Intrusion detection systems (IDSs) have become a widely used security measure, but their output still includes many irrelevant alerts. We propose a data mining based classification method to distinguish serious alerts from irrelevant ones, with a performance of 99.9%, in comparison with other recent data mining methods, which have reached a performance of 97%. We also create a list of alerts sorted by importance to minimize human intervention.
Keywords: Intrusion Detection, Data Mining, Frequent Pattern, Frequent Itemset, Support
Similar resources
Alert correlation and prediction using data mining and HMM
Intrusion Detection Systems (IDSs) are security tools widely used in computer networks. While they seem to be promising technologies, they pose some serious drawbacks: When utilized in large and high traffic networks, IDSs generate high volumes of low-level alerts which are hardly manageable. Accordingly, there emerged a recent track of security research, focused on alert correlation, which ext...
Data Mining Based Technique for IDS Alerts Classification
Intrusion detection systems (IDSs) have become a widely used measure for security systems. The main problem for those systems results is the irrelevant alerts on those results. We will propose a data mining based method for classification to distinguish serious alerts and irrelevant one with a performance of 99.9 % which is better in comparison with the other recent data mining methods that hav...
Effective Intrusion Detection System using Data Mining Technique
Network Security has become the key foundation with the tremendous increase in usage of network-based services and information sharing on networks. Intrusion poses a serious risk to the network security and compromise integrity, confidentiality & availability of the computer and network resources. Human classification of network audit data is expensive, time consuming and a tedious job. Intrusi...
Application of Data Mining in Network Intrusion Detection System
This paper presents a brief review of the application of various Data Mining techniques and their advances in the design, development and application of Intrusion Detection Systems (IDS) for protecting computer and communication networks from intruders. Data mining techniques are used to monitor and analyze large amount of network data & classify these network data into anomalous and normal dat...
Application of Case-Based Reasoning to Multi-Sensor Network Intrusion Detection
An intrusion detection system (IDS) is generally limited by having a single detection model and a single information source for detecting attacks. Multi-sensor (or meta) intrusion detection addresses this problem by combining results of multiple IDSs and providing global decisions. Nearly all current meta-IDSs are either statistics-based or logical rule-based and typically require substantial h...
Journal title:
- CoRR
Volume abs/1401.4872, Issue
Pages -
Publication date 2012