Intelligent Alarm Filter using Knowledge-based Alert Verification in Network Intrusion Detection

Network intrusions have become a big challenge to current network environment. Thus, Network Intrusion Detection Systems (NIDSs) are being widely deployed in various networks aiming to detect different kinds of network attacks (e.g., Trojan, worms). However, in real settings, a large number of alarms can be generated during the detection procedure, which greatly decrease the effectiveness of these intrusion detection systems. To mitigate this problem, the authors advocate that constructing an alarm filter is a promising solution. In this paper, they design and develop an intelligent alarm filter to help filter out NIDS alarms by means of knowledge-based alert verification.

Provided by: City University of Hong Kong Topic: Security Date Added: Aug 2012 Format: PDF

Find By Topic