A Semi-Supervised IDS Alert Classification Model Based on Alert Context
- DOI
- 10.2991/iccsee.2013.187
- Keywords
- alert classification model, semi-supervised learning, alert context
- Abstract
Filtering false positives is a fundamental problem for IDS. Constructing an alert classification model is one efficient method of doing so. However, the high cost of preparing training data and the selection of classification features are key difficulties. This paper presents a semi-supervised alert classification model that makes use of the power of semi-supervised learning. Moreover, four classification features describing alert context are introduced to improve classification accuracy. Experiments conducted on the DARPA 1999 dataset show that using the alert context properties can increase classification accuracy by about 3 percent.
- Copyright
- © 2013, the Authors. Published by Atlantis Press.
- Open Access
- This is an open access article distributed under the CC BY-NC license (http://creativecommons.org/licenses/by-nc/4.0/).
Cite this article
TY - CONF
AU - Haibin Mei
AU - Minghua Zhang
PY - 2013/03
DA - 2013/03
TI - A Semi-Supervised IDS Alert Classification Model Based on Alert Context
BT - Proceedings of the 2nd International Conference on Computer Science and Electronics Engineering (ICCSEE 2013)
PB - Atlantis Press
SP - 738
EP - 741
SN - 1951-6851
UR - https://doi.org/10.2991/iccsee.2013.187
DO - 10.2991/iccsee.2013.187
ID - Mei2013/03
ER -