Conference: SoutheastCon

Reducing false positives in intrusion detection systems using data-mining techniques utilizing support vector machines, decision trees, and naive Bayes for off-line analysis


Abstract

Intrusion detection systems monitor network or host packets in an attempt to detect malicious activities on a system. Anomaly detection systems have success in exposing new attacks, commonly referred to as "zero" day attacks, yet have high false positive rates. False positive events occur when an activity is flagged for investigation yet it was determined to be benign upon analysis. Computational power and valuable resources are wasted when the irrelevant data is processed, data flagged, analyst alerted, and the irrelevant data is finally disregarded. In an effort to make intrusion detection systems more efficient the false positive rate must be reduced. This paper proposes a model for reducing false positives using data mining techniques by combining support vector machines (SVM), decision trees, and Naïve Bayes.