City University of Hong Kong
Intrusion Detection Systems (IDSs) are now widely deployed in organizations as the last line of defense for network security. However, one major problem with these systems is that they produce a large number of alarms, especially false alarms, during the detection process, which greatly increases the analysis workload and reduces the effectiveness of detection. To mitigate this problem, the authors advocate constructing a false alarm filter with machine learning schemes as an effective solution. In this paper, they propose an adaptive false alarm filter that aims to filter out false alarms by using the best machine learning algorithm based on distinct network contexts.