The False Positive Alert Reduction Using Data mining Techniques in Intrusion Detection System

Information security is a vital aspect of any organization. Most of the organizations relay and trust on the intrusion Detection System (IDS) which play important role in detecting intrusions in data network environment. The design of IDS varies with implementation of different IDS techniques involved. The design of IDS techniques keep changes as the trend of data network innovative attack methods gets updated day by day. Hence there is no single perfect solution is found for detecting the intrusions in the data network. In general IDS systems are complex and it is an ongoing process. There are dissimilar types of intrusion detection systems exist and pass through a common problem of rendering high volume of alerts and immense number of false positives. The false positive alert alters the space and time complexities of the IDS modules and gradually slows down the detection rate and performance of the system. This is the main motive behind the research of this paper. The objective of this research paper is to explore and suggest different techniques which help design in building the optimal intrusion Detection system of low cost and high performing computational capability and adaptability to various network environments for the results of false alert reduction, a high intrusion detection rate, risk management both detection and control the intrusions, finally to identify the real attacks from other false alarms and events of the system. This paper navigates through different associated studies of the last decade with providing a citation for further research in this domain. Various unresolved issues have also been covered in this manuscript.