Data Preprocessing for Reducing False Positive Rate in Intrusion Detection
Intrusion detection plays vital role in computer network security since long. Experience has shown that most IDS struggle for curbing false positive rate. As part of the authors' proposed model with the objective of reducing false positive rate here they have focused on preprocessing functionality. The main objective of they preprocessing module is to reduce ambiguity and provide accurate information to detection engine. So here, they have presented preprocessing module which cleans network data and handles missing or incomplete data. Preprocessing module is highly configurable. Based on the result of vulnerability assessment and network topology, hosts exists, services running, intrusion detection analyst need to configure preprocessing module.