A Hierarchical Alarm Processing Model for Intrusion Detection System

3 Author(s)
Lizhong Xiao ; Dept. of Comput. Sci. & Inf. Eng., Shanghai Inst. of Technol., Shanghai, China ; YunXiang Liu ; Zhongdai Wu

For the alarm flooding problem, a hierarchical alarm processing model is studied to filter, reduce and correlate alarms. In filtering, false alarms are eliminated with a repository. In reduction, a reduction algorithm is designed to remove duplicate alarms in real time. In correlation, a frequent episodes algorithm is run on training data to help a clustering-based correlation algorithm find the intrusion patterns. Through the above processing, false and invalid alarms are eliminated, which eases the burden on the network system and the administrator. Meanwhile, intrusion patterns can be found and alarm predictions can be reported. Experimental results show the model is effective.

Published in:

Information Engineering and Computer Science, 2009. ICIECS 2009. International Conference on

Date of Conference:

19-20 Dec. 2009