Name
Abstract | ||
|---|---|---|
Constructing alert classifiers is an efficient way to filter IDS false positives. Classifiers built with supervised classification technique require large amounts of labeled training alerts which are difficult and expensive to prepare. This paper proposes to use semi-supervised learning technique to build alert classification model to reduce the number of needed labeled training alerts. Experiments conducted on the DARPA 1999 dataset have demonstrated that the semi-supervised alert classification model can improve the classification performance dramatically, especially when the labeled alert training dataset is small. As a result, the feasibility of deploying alert classifier for filtering false positives is enhanced. © 2012 Springer-Verlag. |
Year | DOI | Venue |
|---|---|---|
2012 | 10.1007/978-3-642-31588-6_66 | ICIC (1) |
Keywords | Field | DocType |
em algorithm,false positive,intrusion detection system,semi-supervised learning | Semi-supervised learning,Pattern recognition,Expectation–maximization algorithm,Computer science,Filter (signal processing),Artificial intelligence,Classifier (linguistics),Intrusion detection system,Machine learning,False positive paradox | Conference |
Volume | Issue | ISSN |
7389 LNCS | null | 16113349 |
Citations | PageRank | References |
4 | 0.40 | 3 |
Authors | ||
2 | ||
Name | Order | Citations | PageRank |
|---|---|---|---|
| Minghua Zhang | 1 | 7 | 2.20 |
| Haibin Mei | 2 | 4 | 0.40 |