Anomaly-based Intrusion Detection System Alarm Management

Anomaly-based Intrusion Detection System Alarm Management

Author: Qais Saiff Qassim, Abdullah Mohd Zin, Mohd Juzaiddin Abdul Aziz
Publisher: UKM Press
ISBN: 9789672511977
Weight: 200g
Pages: 175
Year: 2020
Price: RM35

Anomaly-based Intrusion Detection Systems (AIDSS) are used to detect anomalies and malicious activities in the information and communication system's resources. The main role of these systems is to monitor network or computer resources for unusual activities. Once an anomalous activity has been detected the IDS then generates alarms to notify the system administrator or security analyst. One of the most important issues faced by security analysts today is the high rate of false positive alarms generated by these systems. Therefore, this book presents a framework for alarm filtering using machine learning algorithms. The main contribution of the proposed alarm classification method is that it enables the classification of alarms to be done without using predefined knowledge of attack signatures.