Reducing False Negatives in Intelligent Intrusion Detection Decision Response System

Abstract:

As soon as an Intrusion Detection System (IDS) detects suspicious or malicious activity, it generates alarms. Unfortunately, the triggered alarms are usually accompanied by a huge number of false alarms (false positives and false negatives), and the false-alarm rate is a key performance parameter of an IDS. The risk posed by false negatives is higher than that posed by false positives. In our previous paper, we proposed a novel intelligent intrusion detection, decision, response system (I2D2RS) based on fuzzy theory, which uses two essential pieces of failed-login information, the number of failed logins and their timing, to decide automatically whether the user is an attacker, as an experienced system/security administrator would. Although the system can reduce false alarms perfectly, its capability to process simultaneous multi-point attacks is relatively weak, so false negatives occur. In this paper, we employ a preprocessing module that collects the failed-login information before data processing. The proposed approach changes the processing procedure from serial to parallel processing and thus eliminates the false negatives. The efficiency of these improvements was confirmed by experiments.
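The serial-versus-parallel point in the abstract, as an added illustration that is not the paper's own code: a simplified serial handler that tracks only the source currently being evaluated is compared with a preprocessing stage that first collects every source's failed logins and then decides each source independently. The log format, hosts, the count/time thresholds and the "one source at a time" serial model are all constructed assumptions, not taken from the paper.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample log lines (sshd-style, documentation-range hosts) in which
# two sources fail logins at the same time: a simultaneous multi-point attack.
SAMPLE_LOG = """\
2011-10-01T10:00:01 sshd: Failed password for root from 203.0.113.5
2011-10-01T10:00:02 sshd: Failed password for root from 198.51.100.9
2011-10-01T10:00:03 sshd: Failed password for root from 203.0.113.5
2011-10-01T10:00:04 sshd: Failed password for admin from 198.51.100.9
2011-10-01T10:00:05 sshd: Failed password for root from 203.0.113.5
2011-10-01T10:00:06 sshd: Failed password for admin from 198.51.100.9
2011-10-01T10:00:07 sshd: Failed password for root from 203.0.113.5
2011-10-01T10:00:08 sshd: Failed password for admin from 198.51.100.9
"""
LINE_RE = re.compile(r"^(\S+) sshd: Failed password for \S+ from (\S+)$")

# Assumed decision thresholds (not from the paper): a source is flagged when it
# fails at least ATTEMPTS times within WINDOW seconds (count and timing).
ATTEMPTS, WINDOW = 4, 10.0

def parse(log):
    """Yield (timestamp, source) for each failed-login line."""
    for line in log.splitlines():
        m = LINE_RE.match(line)
        if m:
            yield datetime.fromisoformat(m.group(1)), m.group(2)

def is_attacker(times):
    """Decide from the count and timing of one source's failed logins."""
    span = (max(times) - min(times)).total_seconds()
    return len(times) >= ATTEMPTS and span <= WINDOW

def serial_decide(log):
    """Assumed serial model: only the current source is tracked, so a failure
    from a different source resets the counter and interleaved attackers
    never reach the threshold (false negatives)."""
    flagged, current, times = set(), None, []
    for ts, src in parse(log):
        if src != current:
            current, times = src, []
        times.append(ts)
        if is_attacker(times):
            flagged.add(src)
    return flagged

def parallel_decide(log):
    """Preprocessing module: collect every source's failures first, then
    evaluate each source independently of the others."""
    buckets = defaultdict(list)
    for ts, src in parse(log):
        buckets[src].append(ts)
    return {src for src, times in buckets.items() if is_attacker(times)}
```

With the interleaved sample, the serial model flags nobody while the collect-then-decide model flags both sources.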

Pages: 676-681

Online since: October 2011

Copyright: © 2012 Trans Tech Publications Ltd. All Rights Reserved
