Semi-Supervised Classification and its Application to Filtering IDS False Positives

Abstract:

Alert classifiers built with supervised classification techniques require large amounts of labeled training alerts. Preparing such training data is difficult and expensive, which greatly restricts the accuracy and practicality of current classifiers. This paper employs semi-supervised learning to build an alert classification model that reduces the number of labeled training alerts needed. Alert context properties are also introduced to improve classification performance. Experiments demonstrate the accuracy and feasibility of the approach.
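As an added, illustrative example (not code from the paper, whose classifier and exact context properties are not reproduced on this page), the following Python shows the self-training form of semi-supervised learning applied to IDS alert triage: a categorical naive Bayes classifier is fitted on a handful of analyst-labeled alerts, unlabeled alerts that it classifies with high confidence are pseudo-labeled and folded back into the training set, and the loop repeats until no further alert clears the confidence threshold. The context properties used here (source inside RFC 1918 space, per-source burst within a time window, destination port is a known service), the window and threshold values, and the sample alert stream are all assumptions constructed for the demonstration.

```python
import math
from collections import Counter, defaultdict
from ipaddress import ip_address, ip_network

# Constructed sample stream (hypothetical alerts, not the paper's data). ts is
# seconds; label is "tp"/"fp" for analyst-reviewed alerts and None otherwise.
ALERTS = [
    {"id": "A1", "ts": 0,   "sig": "ICMP PING",       "src": "10.0.0.5",     "dport": 0,  "label": "fp"},
    {"id": "A2", "ts": 10,  "sig": "ICMP PING",       "src": "10.0.0.5",     "dport": 0,  "label": "fp"},
    {"id": "A3", "ts": 100, "sig": "WEB-ATTACK sqli", "src": "203.0.113.7",  "dport": 80, "label": "tp"},
    {"id": "A4", "ts": 105, "sig": "WEB-ATTACK sqli", "src": "203.0.113.7",  "dport": 80, "label": "tp"},
    {"id": "U1", "ts": 20,  "sig": "ICMP PING",       "src": "10.0.0.5",     "dport": 0,  "label": None},
    {"id": "U2", "ts": 30,  "sig": "ICMP PING",       "src": "10.0.0.5",     "dport": 0,  "label": None},
    {"id": "U3", "ts": 110, "sig": "WEB-ATTACK sqli", "src": "203.0.113.7",  "dport": 80, "label": None},
    {"id": "U4", "ts": 200, "sig": "WEB-ATTACK sqli", "src": "203.0.113.9",  "dport": 80, "label": None},
    {"id": "U5", "ts": 300, "sig": "ICMP PING",       "src": "198.51.100.4", "dport": 0,  "label": None},
]

# Assumed context-property parameters for the demo.
RFC1918 = [ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
KNOWN_SERVICES = {22, 80, 443}
WINDOW = 60     # seconds: per-source burst window
BURST_MIN = 3   # alerts from one source inside WINDOW that count as a burst


def featurize(alerts):
    """Categorical features per alert: the signature plus three context
    properties computed over the whole stream (assumed definitions)."""
    by_src = defaultdict(list)
    for a in alerts:
        by_src[a["src"]].append(a["ts"])
    feats = {}
    for a in alerts:
        near = sum(1 for t in by_src[a["src"]] if abs(t - a["ts"]) <= WINDOW)
        ip = ip_address(a["src"])
        feats[a["id"]] = {
            "sig": a["sig"],
            "internal_src": any(ip in net for net in RFC1918),
            "burst": near >= BURST_MIN,
            "known_service": a["dport"] in KNOWN_SERVICES,
        }
    return feats


class NaiveBayes:
    """Categorical naive Bayes with add-one smoothing. Feature vocabularies are
    taken from every alert, labeled or not, so smoothing stays consistent
    across self-training rounds."""

    def __init__(self, all_feats):
        self.vocab = defaultdict(set)
        for f in all_feats.values():
            for k, v in f.items():
                self.vocab[k].add(v)

    def fit(self, feats, labels):
        self.classes = Counter(labels.values())
        self.counts = {c: defaultdict(Counter) for c in self.classes}
        for aid, c in labels.items():
            for k, v in feats[aid].items():
                self.counts[c][k][v] += 1
        return self

    def posterior(self, f):
        """Class posteriors for one feature dict, normalised via log-sum-exp."""
        total = sum(self.classes.values())
        logp = {}
        for c, n in self.classes.items():
            lp = math.log(n / total)
            for k, v in f.items():
                lp += math.log((self.counts[c][k][v] + 1) / (n + len(self.vocab[k])))
            logp[c] = lp
        z = max(logp.values())
        norm = sum(math.exp(v - z) for v in logp.values())
        return {c: math.exp(v - z) / norm for c, v in logp.items()}


def self_train(alerts, threshold=0.9, max_rounds=10):
    """Self-training: fit on labeled alerts, pseudo-label unlabeled alerts the
    model is confident about, refit, and repeat until nothing new qualifies.
    Returns the final model and the pseudo-labels it adopted."""
    feats = featurize(alerts)
    labels = {a["id"]: a["label"] for a in alerts if a["label"]}
    pseudo = {}
    model = NaiveBayes(feats)
    for _ in range(max_rounds):
        model.fit(feats, {**labels, **pseudo})
        new = {}
        for a in alerts:
            if a["id"] in labels or a["id"] in pseudo:
                continue
            cls, p = max(model.posterior(feats[a["id"]]).items(), key=lambda kv: kv[1])
            if p >= threshold:
                new[a["id"]] = cls
        if not new:
            break
        pseudo.update(new)
    model.fit(feats, {**labels, **pseudo})
    return model, pseudo


def score_new(model, alerts, alert):
    """Posterior for a fresh alert; its context is computed against the stream."""
    return model.posterior(featurize(alerts + [alert])[alert["id"]])


if __name__ == "__main__":
    model, pseudo = self_train(ALERTS)
    print("pseudo-labels adopted:", pseudo)
    probe = {"id": "N1", "ts": 400, "sig": "ICMP PING", "src": "10.0.0.9", "dport": 0, "label": None}
    print("new alert:", score_new(model, ALERTS, probe))
```

With four labeled alerts the loop pseudo-labels the four unlabeled alerts whose signature and context match the seeds, while the lone external ICMP alert (U5) stays below the 0.9 threshold in every round and is left for an analyst rather than being guessed; lowering the threshold trades that caution for more automatic labels. The context properties are what lets the model separate the internal monitoring host's pings from the same signature arriving from outside.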

Pages: 2309-2312

Online since: September 2013

Copyright: © 2013 Trans Tech Publications Ltd. All Rights Reserved
