DocumentCode :
2425596
Title :
Reducing False Positives Based on Time Sequence Analysis
Author :
Li, Dong ; Li, Zhitang ; Wang, Li
Author_Institution :
Huazhong Univ. of Sci. & Technol., Wuhan
Volume :
4
fYear :
2007
fDate :
24-27 Aug. 2007
Firstpage :
67
Lastpage :
71
Abstract :
IDS devices of various kinds produce large numbers of alerts, the majority of which are false positives, so it is laborious for security officers to find the real intrusions among them. To find intrusions in real time, false positives must first be removed from the alert stream. Experience with analysing IDS alerts shows that alert flows exhibit statistical regularities: a power-law distribution, trends, and periodicity. Based on these regularities, the alerts can be processed effectively as a time sequence. Results on real-world data demonstrate that the method removes massive numbers of false positives in real time.
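The abstract names three regularities of alert flow (power law, trend, periodicity) but, being an abstract, does not show how they are measured or used. The following is an added illustration, not the paper's algorithm or code: it builds a constructed one-hour stream of alerts (the signature names, timestamps and thresholds are all assumptions made here), measures how concentrated alert volume is in the top signatures, fits a linear trend to each signature's per-minute count series, tests the detrended series for periodicity by autocorrelation, and labels series that a trend or a fixed cycle explains as predictable background, keeping irregular bursts for the analyst.

```python
"""Time-sequence screening of IDS alerts (added illustration, not the paper's method).

Shows one way to measure the regularities the abstract names: power-law style
concentration of volume in few signatures, per-signature trend, and periodicity,
and to separate predictable background series from irregular ones. The sample
alerts, signature names and thresholds are constructed for this illustration.
"""
from collections import Counter, defaultdict

BUCKET_SEC = 60           # width of one time-series bucket
HORIZON_SEC = 3600        # analysis window (one hour)
TREND_THRESHOLD = 0.5     # fitted rise over the window, relative to the mean count
PERIOD_THRESHOLD = 0.8    # autocorrelation needed to call a series periodic


def make_sample_alerts():
    """Constructed sample stream of (timestamp_sec, signature) pairs."""
    alerts = []
    for t in range(0, HORIZON_SEC, 120):            # one hit every 2 min: periodic
        alerts.append((t, "SNMP public community string"))
    for minute in range(60):                        # 1..6 hits per minute: rising trend
        for k in range(minute // 10 + 1):
            alerts.append((minute * 60 + k, "ICMP ping nmap"))
    for t in (1800, 1801, 1803, 1804):               # four hits in one minute: burst
        alerts.append((t, "WEB-IIS cmd.exe access"))
    return alerts


def bucket_counts(alerts, bucket_sec=BUCKET_SEC, horizon_sec=HORIZON_SEC):
    """Per-signature time series: number of alerts in each bucket of the window."""
    n = horizon_sec // bucket_sec
    series = defaultdict(lambda: [0] * n)
    for ts, sig in alerts:
        if 0 <= ts < horizon_sec:
            series[sig][ts // bucket_sec] += 1
    return dict(series)


def head_share(alerts, top_k=1):
    """Fraction of all alerts produced by the top_k most frequent signatures.

    A heavy head is the power-law regularity; a full distribution fit is out of scope.
    """
    counts = Counter(sig for _, sig in alerts)
    total = sum(counts.values())
    return sum(c for _, c in counts.most_common(top_k)) / total if total else 0.0


def linear_fit(xs):
    """Least-squares slope and intercept of a series against its bucket index."""
    n = len(xs)
    mean_i, mean_x = (n - 1) / 2, sum(xs) / n
    var_i = sum((i - mean_i) ** 2 for i in range(n))
    cov = sum((i - mean_i) * (x - mean_x) for i, x in enumerate(xs))
    slope = cov / var_i
    return slope, mean_x - slope * mean_i


def relative_trend(xs):
    """Fitted rise over the whole window divided by the mean count (0 if empty)."""
    mean_x = sum(xs) / len(xs)
    if mean_x == 0:
        return 0.0
    slope, _ = linear_fit(xs)
    return slope * (len(xs) - 1) / mean_x


def autocorrelation(xs, lag):
    """Normalised autocorrelation of xs at the given lag (1.0 for a constant series)."""
    n = len(xs)
    mean_x = sum(xs) / n
    var = sum((x - mean_x) ** 2 for x in xs)
    if var == 0:
        return 1.0
    cov = sum((xs[i] - mean_x) * (xs[i + lag] - mean_x) for i in range(n - lag))
    return cov / var


def best_period(xs):
    """(lag, autocorrelation) of the strongest lag after removing the linear trend.

    Detrending first matters: a rising series is strongly autocorrelated on its own.
    """
    slope, intercept = linear_fit(xs)
    resid = [x - (intercept + slope * i) for i, x in enumerate(xs)]
    return max(((lag, autocorrelation(resid, lag)) for lag in range(1, len(xs) // 2 + 1)),
               key=lambda p: p[1])


def classify(alerts):
    """Label each signature's series: trending or periodic background, or irregular."""
    labels = {}
    for sig, xs in bucket_counts(alerts).items():
        if abs(relative_trend(xs)) > TREND_THRESHOLD:
            labels[sig] = "trending-background"     # smooth drift, predictable
        elif best_period(xs)[1] > PERIOD_THRESHOLD:
            labels[sig] = "periodic-background"     # repeats on a fixed cycle
        else:
            labels[sig] = "irregular-keep"          # not explained by trend or period
    return labels
```

Calling `classify(make_sample_alerts())` labels the two-minute SNMP series periodic, the steadily rising ICMP series trending, and the four-alert IIS burst irregular, while `head_share` reports that the single busiest signature accounts for over 80% of the volume. Whether a trending series should be suppressed or treated as an attack ramping up is a policy choice for the analyst; the code only measures the regularity.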
Keywords :
security of data; statistical analysis; data analysis; false positive removal; intrusion detection system; time sequence analysis; Computer worms; Data analysis; Data models; Educational institutions; Intrusion detection; Linux; Machine learning; Protection; RNA; Real time systems;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Fuzzy Systems and Knowledge Discovery, 2007. FSKD 2007. Fourth International Conference on
Conference_Location :
Haikou
Print_ISBN :
978-0-7695-2874-8
Type :
conf
DOI :
10.1109/FSKD.2007.464
Filename :
4406355
Link To Document :