Intrusion detection using alert prioritization and multiple minimum supports

Authors: Catalin Mironeanu, Mitica Craus, Cristian Nicolae Butincu

DOI: 10.1109/ROEDUNET.2015.7311978

Keywords: Intrusion detection system, Computer security, Constant false alarm rate, Computer science, Intrusion prevention system, Prioritization, Data mining, Decision support system, Association rule learning

Abstract: Due to the increase in traffic volume, current commercial IDSs (Intrusion Detection Systems) usually tend to produce a very large number of alarms. Although some of these alarms are triggered by actual intrusions, many are caused by regular user behavior, which increases the false alarm rate and overwhelms the security administrator. Mining algorithms that identify association rules provide an in-depth analysis of security breaches and extend the functionality of IDSs. In this paper we present a potential solution for reducing the false alarm rate. Our approach is based on the prioritization of alerts, a rescoring mechanism, and data mining techniques with multiple minimum supports.
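The following is an added illustration of the two ingredients the abstract names, written for this page and not taken from the paper: frequent itemset mining over IDS alerts under multiple minimum supports, followed by a rescoring of each alert. The per-item threshold MIS(i) = max(beta * sup(i), LS) is the rule from Liu, Hsu and Ma (1999) in the reference list; the alert records, the parameter values and the rescoring formula (severity scaled down by the support of the most specific recurring pattern that covers the alert) are assumptions chosen for the example, not the authors' mechanism. Itemsets are enumerated exhaustively up to a small size instead of using MSapriori's candidate generation, which is sufficient for a few dozen alerts.

```python
"""Alert prioritization with multiple-minimum-support (MIS) itemset mining.

Added example, not the paper's code. MIS(i) = max(beta * sup(i), LS) follows
Liu, Hsu and Ma (1999); the rescoring heuristic is an assumption for illustration.
"""
from collections import Counter
from itertools import combinations

# Constructed sample alerts: (signature, source IP, destination port, severity 1..10).
# 10.0.1.5 is meant to be a monitoring host whose pings and SNMP polls recur constantly.
ALERTS = (
    [("ICMP-PING", "10.0.1.5", "any", 2)] * 5
    + [("SNMP-PUBLIC", "10.0.1.5", "161", 3)] * 3
    + [("SQL-INJECTION", "203.0.113.7", "80", 9)]
    + [("SSH-BRUTE", "198.51.100.9", "22", 7)] * 2
    + [("SMB-EXPLOIT", "192.0.2.4", "445", 10)]
)


def to_transaction(alert):
    """Turn one alert into a set of attribute=value items (the mining 'transaction')."""
    sig, src, dport, _severity = alert
    return frozenset({f"sig={sig}", f"src={src}", f"dport={dport}"})


def item_supports(transactions):
    """Fraction of transactions containing each single item."""
    counts = Counter(item for t in transactions for item in t)
    return {item: c / len(transactions) for item, c in counts.items()}


def minimum_supports(supports, beta, least_support):
    """MIS(i) = max(beta * sup(i), LS): frequent items get a higher bar, rare items
    are protected by the least support LS (assumed parameters)."""
    return {item: max(beta * sup, least_support) for item, sup in supports.items()}


def support(itemset, transactions):
    return sum(1 for t in transactions if itemset <= t) / len(transactions)


def mine_frequent_itemsets(transactions, mis, max_size=3):
    """Return {itemset: support} for every itemset whose support reaches the
    smallest MIS among its items (the multiple-minimum-support criterion).
    Exhaustive enumeration up to max_size; a uniform threshold is the special
    case where every value in `mis` is the same."""
    items = sorted(mis)
    frequent = {}
    for size in range(1, max_size + 1):
        for combo in combinations(items, size):
            itemset = frozenset(combo)
            threshold = min(mis[i] for i in itemset)
            sup = support(itemset, transactions)
            if sup >= threshold:
                frequent[itemset] = sup
    return frequent


def rescore(alert, frequent):
    """Assumed rescoring: pick the largest frequent itemset contained in the alert
    (ties broken by support) and scale severity by (1 - its support). Alerts that
    match no recurring pattern keep their full severity."""
    items = to_transaction(alert)
    severity = alert[3]
    matches = [(len(s), sup) for s, sup in frequent.items() if s <= items]
    if not matches:
        return float(severity)
    _size, sup = max(matches)
    return round(severity * (1 - sup), 3)


def prioritize(alerts, beta=0.5, least_support=0.2):
    """Return [(score, alert), ...] sorted from most to least urgent."""
    transactions = [to_transaction(a) for a in alerts]
    mis = minimum_supports(item_supports(transactions), beta, least_support)
    frequent = mine_frequent_itemsets(transactions, mis)
    scored = [(rescore(a, frequent), a) for a in alerts]
    return sorted(scored, key=lambda pair: -pair[0])


if __name__ == "__main__":
    for score, alert in prioritize(ALERTS):
        print(f"{score:6.3f}  {alert}")
```

With the constructed data the three-item pattern {sig=SNMP-PUBLIC, src=10.0.1.5, dport=161} (support 0.25) is found under MIS because the rare SNMP item is thresholded at LS = 0.2, but disappears under a uniform threshold of 1/3, which only a global cut-off tuned to the noisy ping traffic would impose; the single-event SQL injection and SMB exploit alerts keep their full severity and move to the top of the queue.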

References (10)
Xinzhou Qin, Wenke Lee. Attack plan recognition and prediction using causal networks. Annual Computer Security Applications Conference, pp. 370-379 (2004). doi:10.1109/CSAC.2004.7
Heungmo Ryang, Unil Yun, Keun Ho Ryu. Discovering high utility itemsets with multiple minimum supports. Intelligent Data Analysis, vol. 18, pp. 1027-1047 (2014). doi:10.3233/IDA-140683
Bing Liu, Wynne Hsu, Yiming Ma. Mining association rules with multiple minimum supports. Knowledge Discovery and Data Mining, pp. 337-341 (1999). doi:10.1145/312129.312274
Ya-Han Hu, Fan Wu, Yi-Jiun Liao. An efficient tree-based algorithm for mining sequential patterns with multiple minimum supports. Journal of Systems and Software, vol. 86, pp. 1224-1238 (2013). doi:10.1016/J.JSS.2012.12.020
Alfonso Valdes, Keith Skinner. Probabilistic Alert Correlation. Recent Advances in Intrusion Detection, pp. 54-68 (2001). doi:10.1007/3-540-45474-8_4
Khalid Alsubhi, Ehab Al-Shaer, Raouf Boutaba. Alert prioritization in Intrusion Detection Systems. Network Operations and Management Symposium, pp. 33-40 (2008). doi:10.1109/NOMS.2008.4575114
Xinzhou Qin, Wenke Lee. Statistical Causality Analysis of Infosec Alert Data. Recent Advances in Intrusion Detection, pp. 73-93 (2003). doi:10.1007/978-3-540-45248-5_5
F. Valeur, G. Vigna, C. Kruegel, R. A. Kemmerer. Comprehensive approach to intrusion detection alert correlation. IEEE Transactions on Dependable and Secure Computing, vol. 1, pp. 146-169 (2004). doi:10.1109/TDSC.2004.21
Managing Cyber Threats. Springer-Verlag (2005). doi:10.1007/B104908