False Alarm Minimization Scheme based on Multi-Class SVM

Authors

  • Gil-Han Kim
  • Hyung-woo Lee

Abstract

Existing, well-known network-based intrusion detection/prevention techniques, such as misuse detection, are widely used. However, because a misuse-detection-based intrusion prevention system depends directly on its detection rules, it generates an excessive number of false alarms, which in turn lead to wrong responses. This study proposes an intrusion prevention system that uses multi-class Support Vector Machines (SVM), combining a rule-based intrusion prevention system with an anomaly detection system, in order to solve these problems. When the proposed scheme is compared with the existing intrusion prevention system, it shows an enhanced performance result, an improvement of about 20%, and minimizes false positives while effectively detecting new variant attacks.

Related articles

False alarm minimization techniques in signature-based intrusion detection systems: A survey

A network-based Intrusion Detection System (IDS) gathers and analyzes network packets and reports possible low-level security violations to a system administrator. In a large network setup, these low-level and partial reports become unmanageable for the administrator, resulting in some unattended events. Further, it is known that state-of-the-art IDS generate many false alarms. There are techniques...

Controlling False Alarm/Discovery Rates in Online Internet Traffic Classification

Classifying Internet traffic flows online into applications or broader classes without inspecting the packet payloads or without relying on port numbers has become a necessity for network operators. The operators can use this information to monitor their networks and provide per-class quality of service. There has been a great deal of research done on Internet traffic classification recently an...


Distributed online outlier detection in wireless sensor networks using ellipsoidal support vector machine

Low-quality sensor data limits WSN capabilities for providing reliable real-time situation awareness. Outlier detection is a solution to ensure the quality of sensor data. An effective and efficient outlier detection technique for WSNs not only identifies outliers in a distributed and online manner with high detection accuracy and a low false alarm rate, but also satisfies WSN constraints in terms of c...

Data Fusion and Multi-fault Classification Based On Support Vector Machines

As a new general machine-learning tool based on the structural risk minimization principle, Support Vector Machines (SVM) have the advantageous characteristic of good generalization. For this reason, the application of SVM in the fault diagnosis field has become a growing research focus. In this paper, a data fusion strategy based on multi-class SVMs is proposed to diagnose the gear fault. The fault featu...

Minimization of the optical smoke detector false alarm probability by optimizing its frequency characteristic

The exclusive use of time-domain analysis when tuning the design to lower the probability of false alarms is caused by the binary nature of the output signal prevailing in optical smoke detector designs. However, the characteristic of a standard detector circuit is fairly linear up to the output comparator. On the basis of the generalized functional block scheme, for this linear dependence the L...

Journal title:

Volume   Issue 

Pages  -

Publication date: 2006