Growing hierarchical self-organizing map for filtering intrusion detection alarms

Bibliographic Details
Main Author: Mansour, Nashat (author)
Other Authors: Faour, Ahmad (author), Shehab, Maya (author)
Format: conferenceObject
Published: 2008
Online Access: http://hdl.handle.net/10725/7860
http://dx.doi.org/10.1109/I-SPAN.2008.42
http://libraries.lau.edu.lb/research/laur/terms-of-use/articles.php
https://ieeexplore.ieee.org/abstract/document/4520211/
Description
Summary: A Network Intrusion Detection System (NIDS) monitors all network actions and generates alarms when it detects suspicious attempts. We present a data mining technique to assist network administrators to analyze and reduce false positive alarms that are produced by a NIDS. Our data mining technique is based on a Growing Hierarchical Self-Organizing Map (GHSOM) that adjusts its architecture during an unsupervised training process according to the characteristics of the input alarm data. GHSOM clusters these alarms in a way that supports network administrators in making decisions about true and false alarms. Our empirical results show that our technique is useful for real-world intrusion data.