Processing intrusion detection alert aggregates with time series modeling

J Viinikka, H Debar, L Mé, A Lehikoinen, M Tarvainen - Information Fusion, 2009 - Elsevier
The main use of intrusion detection systems (IDS) is to detect attacks against information
systems and networks. Normal use of the network and its functioning can also be monitored …

Reducing false positives in anomaly detectors through fuzzy alert aggregation

F Maggi, M Matteucci, S Zanero - Information Fusion, 2009 - Elsevier
In this paper we focus on the aggregation of IDS alerts, an important component of the alert
fusion process. We exploit fuzzy measures and fuzzy sets to design simple and robust alert …

Real-time classification of IDS alerts with data mining techniques

R Vaarandi - MILCOM 2009-2009 IEEE Military …, 2009 - ieeexplore.ieee.org
During the last decade, intrusion detection systems (IDSs) have become a widely used
measure for security management. However, these systems often generate many false …

Debt detection in social security by sequence classification using both positive and negative patterns

Y Zhao, H Zhang, S Wu, J Pei, L Cao, C Zhang… - Machine Learning and …, 2009 - Springer
Debt detection is important for improving payment accuracy in social security. Since debt
detection from customer transactional data can be generally modelled as a fraud detection …

[PDF] Intelligent alert clustering model for network intrusion analysis

MM Siraj, MA Maarof, SZM Hashim - Int. J. Advance. Soft Comput …, 2009 - researchgate.net
As security threats change and advance in a drastic way, most of the organizations
implement multiple Network Intrusion Detection Systems (NIDSs) to optimize detection and …

A decision support system for constructing an alert classification model

NY Jan, SC Lin, SS Tseng, NP Lin - Expert Systems with Applications, 2009 - Elsevier
As the rapid growth of network attacking tools, patterns of network intrusion events change
gradually. Although many researches had been proposed to analyze network intrusion …

[PDF] A hybrid intelligent approach for automated alert clustering and filtering in intrusion alert analysis

MM Siraj, MA Maarof, SZM Hashim - International Journal of Computer …, 2009 - Citeseer
As security threats change and advance in a drastic way, most of the organizations
implement multiple Network Intrusion Detection Systems (NIDSs) to optimize detection and …

Preprocessor of intrusion alerts correlation based on ontology

W Li, S Tian - 2009 WRI International Conference on …, 2009 - ieeexplore.ieee.org
Intrusion detection systems (IDS) often provide a large number and poor quality alerts, which
are insufficient to support rapid identification of ongoing attacks or predict an intruder's …

Intelligent clustering with PCA and unsupervised learning algorithm in intrusion alert correlation

MM Siraj, MA Maarof… - 2009 Fifth International …, 2009 - ieeexplore.ieee.org
As security threats advance in a drastic way, most of the organizations implement multiple
network intrusion detection systems (NIDSs) to optimize detection and to provide …

[Book] Data mining applications: Promise and challenges

R Athauda, C Fernando, M Tissera - 2009 - nova.newcastle.edu.au
Data mining is an emerging field gaining acceptance in research and industry. This is
evidenced by an increasing number of research publications, conferences, journals and …