  • DocumentCode
    3639770
  • Title
    Network IDS alert classification with frequent itemset mining and data clustering
  • Author
    Risto Vaarandi;Kārlis Podiņš
  • Author_Institution
    Cooperative Cyber Defence Centre of Excellence, Tallinn, Estonia
  • fYear
    2010
  • Firstpage
    451
  • Lastpage
    456
  • Abstract
    Network IDS is a well-known security measure for network monitoring and protection. Unfortunately, IDSs are known to generate large amounts of alerts, with many of them being either false positives or of low importance. This makes it hard for the human to spot alerts which need more attention. In order to tackle this issue, this paper proposes an IDS alert classification method which is based on data mining techniques.
  • Keywords
    "Sensors","Itemsets","Pattern matching","Data mining","Classification algorithms","Internet","Humans"
  • Publisher
    IEEE
  • Conference_Titel
    Network and Service Management (CNSM), 2010 International Conference on
  • Print_ISBN
    978-1-4244-8910-7
  • Type
    conf
  • DOI
    10.1109/CNSM.2010.5691262
  • Filename
    5691262