Name
Abstract | ||
|---|---|---|
Intrusion detection systems (IDSs) produce a massive number of intrusion alerts. A huge number of these alerts are false positives. Investigating false positive alerts is an expensive and time consuming process, and as such represents a significant problem for intrusion analysts. This shows the needs for automated approaches to eliminate false positive alerts. In this paper, we propose a novel alert verification and false positives reduction approach. The proposed approach uses context-aware and semantic similarity to filter IDS alerts and eliminate false positives. Evaluation of the approach with an IDS dataset that contains massive number of IDS alerts yields strong performance in detecting false positive alerts. |
Year | DOI | Venue |
|---|---|---|
2014 | 10.1109/ISIAS.2014.7064620 | IAS |
Keywords | Field | DocType |
false positive reduction approach,ids dataset,semantic similarity,alert verification,context-aware,intrusion detection systems,false positive,ubiquitous computing,ids alerts,false positive alert detection,intrusion detection,context-aware intrusion alert verification approach,security of data,semantics,indexes,measurement | Semantic similarity,Data mining,Intrusion,Computer science,Computer security,Intrusion detection system,Semantics,False positive paradox | Conference |
ISSN | ISBN | Citations |
2167-4248 | 978-1-4799-8098-7 | 0 |
PageRank | References | Authors |
0.34 | 13 | 3 |
Name | Order | Citations | PageRank |
|---|---|---|---|
| Sherif Saad | 1 | 128 | 7.45 |
| Issa Traoré | 2 | 217 | 18.02 |
| Marcelo Luiz Brocardo | 3 | 30 | 4.04 |