Reducing IDS False Positives Using Incremental Stream Clustering Algorithm
MONDIS.
Number of authors: 1
2009 (English)
Independent thesis, advanced level (master's degree)
Student thesis (degree project)
Abstract [en]

Along with cryptographic protocols and digital signatures, Intrusion Detection Systems (IDS) are considered to be the last line of defense to secure a network. But the main problem with today's most popular commercial IDSs is the generation of a huge number of false positive alerts along with the true positive alerts, which are cumbersome for the operator to investigate in order to initiate proper responses. So, there is a great demand to explore this area of research and to find a feasible solution. In this thesis, we have chosen this problem as our main area of research. We have tested the effectiveness of using the Incremental Stream Clustering Algorithm to reduce the number of false alerts in IDS output. This algorithm was tested with the output of one of the most popular network-based open source IDSs, Snort, which was configured in playback mode to process the DARPA 1999 network traffic dataset. Our approach was evaluated and compared with the K-Nearest Neighbor Algorithm. The results show that the Incremental Stream Clustering Algorithm reduces the number of false alarms by more than 99%, compared with 93% for the K-Nearest Neighbor Algorithm.

Place, publisher, year, edition, pages
2009, 1., p. 53
Keywords [en]
Intrusion detection system, False positive alert, Incremental Stream Clustering algorithm, DARPA 1999 network traffic dataset
National subject category
Computer and Information Sciences
Identifiers
URN: urn:nbn:se:ri:diva-23502
OAI: oai:DiVA.org:ri-23502
DiVA, id: diva2:1042578
Project
MONDIS
Available from: 2016-10-31 Created: 2016-10-31 Last updated: 2018-01-14 Bibliographically approved

Open Access in DiVA

No full text in DiVA
