Alerts Clustering for Intrusion Detection Systems: Overview and Machine Learning Perspectives

Abstract

The tremendous volume of security alerts produced by the high-speed alert generation of high-speed networks makes the management of intrusion detection computationally expensive. Evidently, the high rate of false alerts degrades the performance of Intrusion Detection Systems (IDS) and decreases their capability to prevent cyber-attacks, which leads to a tedious alert analysis task. Thus, it is important to develop new tools to understand intrusion data and to represent them in a compact form using, for example, an alert clustering process. This hot research topic is studied here: an understandable taxonomy, followed by a deep survey of the main published works related to intrusion alert management, is presented in this paper. The second part of this work exposes the different useful steps for designing a unified IDS on the basis of machine learning techniques, which are considered among the most powerful tools for solving certain problems related to alert management and outlier detection.

Authors and Affiliations

Wajdi Alhakami

  • EP ID EP579023
  • DOI 10.14569/IJACSA.2019.0100574

How To Cite

Wajdi Alhakami (2019). Alerts Clustering for Intrusion Detection Systems: Overview and Machine Learning Perspectives. International Journal of Advanced Computer Science & Applications, 10(5), 573-582. https://europub.co.uk/articles/-A-579023