ETRI-Knowledge Sharing Plaform

KOREAN
논문 검색
Type SCI
Year ~ Keyword

Detail

Conference Paper A Memory-based Learning Approach to Reduce False Alarms in Intrusion Detection
Cited 2 time in scopus Share share facebook twitter linkedin kakaostory
Authors
Ill-Young Weon, Doo Heon Song, Chang-Hoon Lee, Young-Jun Heo, Ki-Young Kim
Issue Date
2005-02
Citation
International Conference on Advanced Communication Technology (ICACT) 2005, pp.241-245
Publisher
IEEE
Language
English
Type
Conference Paper
DOI
https://dx.doi.org/10.1109/icact.2005.245836
Abstract
Signature-based IDS is known to have acceptable accuracy but suffers from high rates of false alarms. We show a behavior based alarm reduction by using a memory-based machine learning technique - instance based learner. Our extended form of IBL (XIBL) examines SNORT alarm signals if that signal is worthy sending signals to security manager. A preliminary experiment shows that these exists an apparent difference between true alarms and false alarms with respect to XIBL behavior and the full experiment successfully exhibits the power of hybrid system is there is a rich set of analyzed data such as DARPA 1998 data set we used.
KSP Keywords
Behavior based, Data sets, False Alarm, High rate, Instance based, Learning approach, Machine Learning technique(MLT), Memory-based learning, Signature-based, hybrid system, intrusion detection