Semi-supervised Learning for False Alarm Reduction
نویسندگان
چکیده
Intrusion Detection Systems (IDSs) which have been deployed in computer networks to detect a wide variety of attacks are suffering how to manage of a large number of triggered alerts. Thus, reducing false alarms efficiently has become the most important issue in IDS. In this paper, we introduce the semi-supervised learning mechanism to build an alert filter, which will reduce up to 85% false alarms and still keep a high detection rate. In our semi-supervised learning approach, we only need a very small amount of label information. This will save a huge security officer’s effort and make the alert filter be more practical for the real systems. Numerical comparison with conventional supervised learning approach with the same small portion labeled data, our method has significantly superior detection rate as well as in the false alarm re-
منابع مشابه
Handling Intrusion Detection System using Snort Based Statistical Algorithm and Semi-supervised Approach
Intrusion detection system aims at analyzing the severity of network in terms of attack or normal one. Due to the advancement in computer field, there are numerous number of threat exploits attack over huge network. Attack rate increases gradually as detection rate increase. The main goal of using data mining within intrusion detection is to reduce the false alarm rate and to improve the detect...
متن کاملSemi-supervised Eigenbasis novelty detection
We present a semi-supervised online method for novelty detection and evaluate its performance for radio astronomy time series data. Our approach uses sparse, adaptive eigenbases to combine (1) prior knowledge about uninteresting signals with (2) online estimation of the current data properties to enable highly sensitive and precise detection of novel signals. We apply Semi-Supervised Eigenbasis...
متن کاملRestricted Boltzmann machines based oversampling and semi-supervised learning for false positive reduction in breast CAD.
The false-positive reduction (FPR) is a crucial step in the computer aided detection system for the breast. The issues of imbalanced data distribution and the limitation of labeled samples complicate the classification procedure. To overcome these challenges, we propose oversampling and semi-supervised learning methods based on the restricted Boltzmann machines (RBMs) to solve the classificatio...
متن کاملDetecting fraud in online games of chance and lotteries
Fraud detection has been an important topic of research in the data mining community for the past two decades. Supervised, semi-supervised, and unsupervised approaches to fraud detection have been proposed for the telecommunications, credit, insurance and health-care industries. We describe a novel hybrid system for detecting fraud in the highly growing lotteries and online games of chance sect...
متن کاملSemi-supervised Statistical Approach for Network Anomaly Detection
Intrusion Detection Systems (IDS) have become a very important defense measure against security threats. In recent years, computer networks are widely deployed for critical and complex systems, which make them more vulnerable to network attacks. In this paper, we propose a two-stage Semi-supervised Statistical approach for Anomaly Detection (SSAD). The first stage of SSAD aims to build a probab...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2010