Reducing False Negatives in Intelligent Intrusion Detection Decision Response System

Abstract:

As soon as an Intrusion Detection System (IDS) detects suspicious or malicious activity, it generates alarms. Unfortunately, the triggered alarms are usually accompanied by a huge number of false alarms (false positives and false negatives), which are the key performance parameters of an IDS. The risk posed by false negatives is higher than that posed by false positives. In our previous paper, we proposed a novel intelligent intrusion detection, decision, response system (I2D2RS) based on fuzzy theory, which uses two essential pieces of information about failed logins, the number of times and the time, to decide automatically who the attacker is, as an experienced system/security administrator would. Though the system can reduce the false alarms perfectly, its capability to process simultaneous multi-point attacks is relatively weak, and false negatives then occur. In this paper, we employ a preprocessing module to collect the failed-login information before data processing. The proposed approach changes the processing procedure from serial to parallel, thus eliminating the false negatives. The efficiency of these improvements was confirmed by experiments.

Info:

Periodical:

Edited by:

Zhixiang Hou

Pages:

676-681

DOI:

10.4028/www.scientific.net/AMM.128-129.676

Citation:

H. M. Kai et al., "Reducing False Negatives in Intelligent Intrusion Detection Decision Response System", Applied Mechanics and Materials, Vols. 128-129, pp. 676-681, 2012

Online since:

October 2011
