期刊名称:International Journal of Security and Its Applications
印刷版ISSN:1738-9976
出版年度:2014
卷号:8
期号:5
页码:109-118
DOI:10.14257/ijsia.2014.8.5.11
出版社:SERSC
摘要:One of the most important tools in security field is Intrusion Detection System. The aim of the IDS is to monitor suspicious network traffic and generate alerts. These systems are known to generate numerousfalse positive alerts. Analyzing the alerts manually by security expert need more time and could be error prone.Another problem with IDS is Identifying attack types and generating correct alerts related to attacks.we introducenew alert management systems to overcome mentioned problems. Alert management systems help security experts to manage alerts and produce a high level view of alerts. In this paper a new alert clustering algorithm for IDS Alert Management System proposed that uses the K-mean Based Genetic (KBG). The proposed algorithm reduces alerts and detects false positive alerts. By the experimental results on DARPA KDD cup 98 the system is able to cluster and classify alerts and causes reducing false positive alerts considerably
