Sciweavers

INCDM
2010
Springer

Semi-supervised Learning for False Alarm Reduction

14 years 5 months ago
Semi-supervised Learning for False Alarm Reduction
Abstract. Intrusion Detection Systems (IDSs) which have been deployed in computer networks to detect a wide variety of attacks are suffering how to manage of a large number of triggered alerts. Thus, reducing false alarms efficiently has become the most important issue in IDS. In this paper, we introduce the semi-supervised learning mechanism to build an alert filter, which will reduce up to 85% false alarms and still keep a high detection rate. In our semi-supervised learning approach, we only need a very small amount of label information. This will save a huge security officer’s effort and make the alert filter be more practical for the real systems. Numerical comparison with conventional supervised learning approach with the same small portion labeled data, our method has significantly superior detection rate as well as in the false alarm reduction rate.
Chien-Yi Chiu, Yuh-Jye Lee, Chien-Chung Chang, Wen
Added 19 Jul 2010
Updated 19 Jul 2010
Type Conference
Year 2010
Where INCDM
Authors Chien-Yi Chiu, Yuh-Jye Lee, Chien-Chung Chang, Wen-Yang Luo, Hsiu-Chuan Huang
Comments (0)