Riyad Alshammari, S. Sonamthiang, Mohsen Teimouri, Denis Riordan
Fifth Annual Conference on Communication Networks and Services Research (CNSR '07), published 2007-05-14. DOI: 10.1109/CNSR.2007.70 (https://doi.org/10.1109/CNSR.2007.70). Citation count: 45 (Semantic Scholar).
Using Neuro-Fuzzy Approach to Reduce False Positive Alerts
One of the major problems of Intrusion Detection Systems (IDS) at present is the high rate of false alerts that the systems produce. These alerts burden human analysts, who must repeatedly and intensively analyze the false alerts in order to initiate appropriate actions. We demonstrate the advantages of using a hybrid neuro-fuzzy approach to reduce the number of false alarms. The neuro-fuzzy approach was tested with different background knowledge sets on the DARPA 1999 network traffic dataset. The approach was evaluated and compared with the RIPPER algorithm. The results show that the neuro-fuzzy approach reduces the number of false alarms significantly more than the RIPPER algorithm does and requires fewer background knowledge sets.