Browse by author "Al-Saedi, Karim Hashim"
Showing 1 - 1 of 1
Item: Improving IDSs alerts to improve high quality network security by using data mining technique (Altınbaş Üniversitesi, 2017)
Thajeel, Isam Kareem; Uçan, Osman Nuri; Bayat, Oğuz; Al-Saedi, Karim Hashim
Intrusion-Detection-Systems (IDSs) are the best and most effective techniques when it comes to addressing the threats (such as malware and cyber-attacks etc.) being faced by computer networks; indeed, these systems have been used for more than 20 years. However, these systems generate a huge number of alerts, a large percentage of which are false or incorrect. This problem adversely affects the performance and effectiveness of network security. In this paper, we propose a new system to eliminate duplicated and redundant IDS alerts; the overall aim is to improve network security by minimizing the rate of false positive alarms. This system consists of two major phases, as well as various sub-phases. The first phase involves removing duplicated alerts by applying a new filtering algorithm which has been prepared for this purpose. The aim of the second phase is to reduce false alerts by eliminating the redundant alerts; this is achieved by applying association rules and mining frequent itemset algorithms. This system is evaluated and tested by using five weeks of data from the DARPA 99 dataset. The results show that this system significantly reduces the number of FP alarms by 97.98%. These results also demonstrate the system’s substantial ability to reduce the very large number of false alarms related to IDSs.