2012 | OriginalPaper | Buchkapitel
Adaptive False Alarm Filter Using Machine Learning in Intrusion Detection
verfasst von : Yuxin Meng, Lam-for Kwok
Erschienen in: Practical Applications of Intelligent Systems
Verlag: Springer Berlin Heidelberg
Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.
Wählen Sie Textabschnitte aus um mit Künstlicher Intelligenz passenden Patente zu finden. powered by
Markieren Sie Textabschnitte, um KI-gestützt weitere passende Inhalte zu finden. powered by
Intrusion detection systems (IDSs) have been widely deployed in organizations nowadays as the last defense for the network security. However, one of the big problems of these systems is that a large amount of alarms especially false alarms will be produced during the detection process, which greatly aggravates the analysis workload and reduces the effectiveness of detection. To mitigate this problem, we advocate that the construction of a false alarm filter by utilizing machine learning schemes is an effective solution. In this paper, we propose an adaptive false alarm filter aiming to filter out false alarms with the best machine learning algorithm based on distinct network contexts. In particular, we first compare with six specific machine learning schemes to illustrate their unstable performance. Then, we demonstrate the architecture of our adaptive false alarm filter. The evaluation results show that our approach is effective and encouraging in real scenarios.