Intelligent Alarm Filter using Knowledge-based Alert Verification in Network Intrusion Detection
Network intrusions have become a big challenge to current network environment. Thus, Network Intrusion Detection Systems (NIDSs) are being widely deployed in various networks aiming to detect different kinds of network attacks (e.g., Trojan, worms). However, in real settings, a large number of alarms can be generated during the detection procedure, which greatly decrease the effectiveness of these intrusion detection systems. To mitigate this problem, the authors advocate that constructing an alarm filter is a promising solution. In this paper, they design and develop an intelligent alarm filter to help filter out NIDS alarms by means of knowledge-based alert verification.