Clustering approach for false alerts reducing in behavioral based intrusion detection systems

Clustering approach for false alerts reducing in behavioral based intrusion detection systems

Behavioral intrusion detection systems are known by their high false alerts rates. In this paper, we propose to combine a behavioral intrusion detection approach with a clustering approach in order to obtain a set of clusters with different false alerts rates. The order of these clusters with respec...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Kenaza, T, Zaidi, A
Format: Tagungsbericht
Sprache:eng
Schlagworte:
Behavioral intrusion detection
Classification algorithms
clustering
Clustering algorithms
Computational modeling
Data models
false alerts reducing
Intrusion detection
Training data
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Behavioral intrusion detection systems are known by their high false alerts rates. In this paper, we propose to combine a behavioral intrusion detection approach with a clustering approach in order to obtain a set of clusters with different false alerts rates. The order of these clusters with respect to their false alerts rates will be considered as an alerts prioritization. Hence, new alerts will be classified to the closest cluster and processed according to their cluster priority. Experimental results, using a simulated IDS, show that our approach is able to reduce the false alerts rate produced by behavioral intrusion detection systems.
DOI:10.1109/ICMWI.2010.5648171