A NOVEL APPROACH OF ALARM CLASSIFICATION FOR INTRUSION DETECTION BASED UPON DEMPSTER-SHAFER THEORY
Guangsheng Feng, Huiqiang Wang, Qian Zhao
2007
Abstract
As the number of alarms generated by intrusion detection systems (IDS) keeps growing, automatic classification tools have been proposed to cope with the huge volume of alarms. In addition, it has been shown that accurate classification requires evidence from different sources, such as different IDSs. Furthermore, Dempster-Shafer theory is a powerful tool for dealing with uncertain information. This paper proposes a multiple-level classification model that aims to classify large numbers of alarms accurately. Experimental results show that this approach has an outstanding classification capability. In particular, it is quite effective at avoiding alarms being grouped into the wrong classes when evidence is scarce.
Paper Citation
in Harvard Style
Feng G., Wang H. and Zhao Q. (2007). A NOVEL APPROACH OF ALARM CLASSIFICATION FOR INTRUSION DETECTION BASED UPON DEMPSTER-SHAFER THEORY. In Proceedings of the Third International Conference on Web Information Systems and Technologies - Volume 1: WEBIST, ISBN 978-972-8865-77-1, pages 234-239. DOI: 10.5220/0001279902340239
in Bibtex Style
@conference{webist07,
author={Guangsheng Feng and Huiqiang Wang and Qian Zhao},
title={A NOVEL APPROACH OF ALARM CLASSIFICATION FOR INTRUSION DETECTION BASED UPON DEMPSTER-SHAFER THEORY},
booktitle={Proceedings of the Third International Conference on Web Information Systems and Technologies - Volume 1: WEBIST},
year={2007},
pages={234-239},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0001279902340239},
isbn={978-972-8865-77-1},
}
in EndNote Style
TY - CONF
JO - Proceedings of the Third International Conference on Web Information Systems and Technologies - Volume 1: WEBIST
TI - A NOVEL APPROACH OF ALARM CLASSIFICATION FOR INTRUSION DETECTION BASED UPON DEMPSTER-SHAFER THEORY
SN - 978-972-8865-77-1
AU - Feng G.
AU - Wang H.
AU - Zhao Q.
PY - 2007
SP - 234
EP - 239
DO - 10.5220/0001279902340239