A Case Study: Intelligent False Alarm Reduction using Fuzzy If-Then Rules in Network Intrusion Detection
Nowadays, Network Intrusion Detection Systems (NIDSs) have become an essential part of the network security infrastructure. However, the large number of false alarms is a major problem for these detection systems, greatly reducing their effectiveness and efficiency. To mitigate this problem, the authors have developed an intelligent false alarm filter that filters out false alarms by adaptively and periodically selecting the most appropriate machine learning algorithms (e.g., support vector machine, decision tree, k-nearest neighbor), that is, those that achieve the best single-algorithm performance. As a result, their intelligent false alarm filter can keep the reduction of false alarms at a high and stable level.