Home > CSC-OpenAccess Library > Manuscript Information
EXPLORE PUBLICATIONS BY COUNTRIES |
 |
 |
EUROPE |
|
MIDDLE EAST |
|
ASIA |
|
AFRICA |
| ............................. | |
|
United States of America |
|
United Kingdom |
|
Canada |
|
Australia |
|
Italy |
|
France |
|
Brazil |
|
Germany |
|
Malaysia |
|
Turkey |
|
China |
|
Taiwan |
|
Japan |
|
Saudi Arabia |
|
Jordan |
|
Egypt |
|
United Arab Emirates |
|
India |
|
Nigeria |
Efficient Security Alert Management System
Minoo Deljavan Anvary, Majid Ghonji Feshki, Amir Azimi Alasti Ahrabi
Pages - 218 - 224 | Revised - 31-07-2015 | Published - 31-08-2015
MORE INFORMATION
KEYWORDS
Intrusion Detection, Security Alert Management, K-nearest Neighbor, Real-time Security Alert Classification, Reduction of False Positive Alerts, Precise Classifying True Positive Alerts.
ABSTRACT
Nowadays there are several security tools that used to protect computer systems, computer networks, smart devices and etc. against attackers. Intrusion detection system is one of tools used to detect attacks. Intrusion Detection Systems produces large amount of alerts, security experts could not investigate important alerts, also many of that alerts are incorrect or false positives. Alert management systems are set of approaches that used to solve this problem. In this paper a new alert management system is presented. It uses K-nearest neighbor as a core component of the system that classify generated alerts. The suggested system serves precise results against huge amount of generated alerts. Because of low classification time per each alert, the system also could be used in online systems.
| 1 | Google Scholar  |
| 2 | CiteSeerX |
| 3 | refSeek |
| 4 | TechRepublic |
| 5 | Scribd |
| 6 | SlideShare |
| 7 | PdfSR |
| Ahrabi, A.A.A., et al., A New System for Clustering and Classification of Intrusion Detection System Alerts Using Self-Organizing Maps. International Journal of Computer Science and Security (IJCSS), 2011. 4(6): p. 589. | |
| Ahrabi, A.A.A., et al., Using Learning Vector Quantization in IDS Alert Management System. International Journal of Computer Science and Security (IJCSS), 2012. 6(2): p. 1-7. | |
| Bahrbegi, H., et al. A new system to evaluate GA-based clustering algorithms in Intrusion Detection alert management system. 2010. IEEE. | |
| Brugger, S.T. and J. Chow, An Assessment of the DARPA IDS Evaluation Dataset Using Snort, D. UC Davis Technical Report CSE-2007-1, CA, Editor. 2007. | |
| Cover, T. and P. Hart, Nearest neighbor pattern classification. Information Theory, IEEE Transactions on, 1967. 13(1): p. 21-27. | |
| Cuppens, F. Managing alerts in a multi-intrusion detection environment. 2001. | |
| DARPA 1998 Intrusion Detection Evaluation Datasets, M.L. Lab., Editor. 1998. | |
| DARPA 2000 Intrusion Detection Evaluation Datasets, M.L. Lab., Editor. 2000. | |
| Debar, H. and A. Wespi. Aggregation and Correlation of Intrusion-Detection Alerts. in Proceedings of the 4th International Symposium on Recent Advances in Intrusion Detection. 2001. | |
| Debar, H., M. Dacier, and A. Wespi, Towards a taxonomy of intrusion-detection systems. Computer Networks, 1999. 31(8): p. 805-822. | |
| Franc, V. and V. Hlavác. Statistical pattern recognition toolbox for Matlab. Center for Machine Perception, Czech Technical University 2004; Available. | |
| Julisch, K., Clustering intrusion detection alarms to support root cause analysis. ACM Transactions on Information and System Security (TISSEC), 2003. 6(4): p. 443-471. | |
| Kohonen, T., Learning vector quantization, in M.A. Arbib (ed.), The Handbook of Brain Theory and Beural Networks. 1995: MIT Press. | |
| Kohonen, T., Self-Organized Maps. 1997, Science Berlin Heidelberg: Springer series in information. | |
| Maheyzah, S.Z., Intelligent alert clustering model for network intrusion analysis. Journal in Advances Soft Computing and Its Applications (IJSCA), 2009. 1(1): p. 33-48. | |
| Mathworks, MATLAB. 2014, http://www.mathworks.com. | |
| MIRADOR, E. Mirador: a cooperative approach of IDS. in European Symposium on Research in Computer Security (ESORICS). 2000. Toulouse, France. | |
| Snort, The open source network intrusion detection system. 2012. | |
| Wang, J. and B. Cui. Clustering IDS Alarms with an IGA-based Approach. 2009. IEEE. | |
| Wang, J., H. Wang, and G. Zhao. A GA-based Solution to an NP-hard Problem of Clustering Security Events. 2006. IEEE. | |
Mr. Minoo Deljavan Anvary
IT Department School of e-Learning, Shiraz University, Shiraz, Fars. - Iran
Mr. Majid Ghonji Feshki
Department of Computer Science
Qzvin Branch, Islamic Azad University
Qazvin, Qazvin. - Iran
Mr. Amir Azimi Alasti Ahrabi
Industrial Management Institute - Iran
amir.azimi.alasti@gmail.com
|
|
|
|
| View all special issues >> | |
|
|
