Conference Topic

IDS Alert Classification Model Construction Using Decision Support Techniques

Although many IDSs have been proposed to assist administrators in detecting intrusions, the number of false alarms is still huge, which makes analysis difficult. For this reason, we propose a decision support system for constructing an alert classification model, which consists of three phases: alert preprocessing, model construction and rule refining. Experimental results show that the proposed method discovers intrusion patterns quickly and precisely, and clearly lightens the load of on-line alert analysis for experts.

IDS; false alert; Decision Support System

Yan Zhang, Shuguang Huang, Yongyi Wang

Dept. of Network Engineering, Electronic Engineering Institute, Hefei, China 230037

International conference

2012 International Conference on Computer Science and Electronic Engineering (2012 IEEE International Conference on Computer Science and Electronic Engineering, ICCSEE 2012)

Hangzhou

English

301-305

2012-03-23 (date first posted online on the Wanfang platform; does not represent the paper's publication date)