Please use this identifier to cite or link to this item: http://hdl.handle.net/10397/61457
Title: MVPSys : toward practical multi-view based false alarm reduction system in network intrusion detection
Authors: Li, W; Meng, W; Luo, X; Kwok, LF
Keywords: Alarm filter; False alarms; Intrusion detection; Multi-view; Network security; Practical applications; Semi-supervised learning
Issue Date: 2016
Publisher: Elsevier Advanced Technology
Source: Computers and security, 2016, v. 60, p. 177-192
Journal: Computers and security 
Abstract: Network intrusion detection systems (NIDSs) have been developed for over twenty years and have been widely deployed in computer networks to detect a variety of network attacks. But one of the major limitations is that these systems would generate a large number of alarms, especially false alarms (positives) during the detection. To address this issue, many machine learning approaches have been applied to reduce NIDS false positives. However, we notice that multi-view based approach is often ignored by the literature, which uses one function to model a particular view and jointly optimizes all the functions to optimize and improve the learning performance. In addition, most existing studies have not implemented their algorithms into practical alarm systems. In this paper, we thus develop MVPSys, a practical multi-view based false alarm reduction system to reduce false alarms more efficiently, where each view represents a set of features. More specifically, we implement a semi-supervised learning algorithm to construct two-view items and automatically exploit both labeled and unlabeled data. That is, this system can automatically extract and organize features from an incoming alarm into two feature sets: destination feature set and source feature set, where the former contains the features related to the target environment and the latter contains the features about the source environment. In the evaluation, we deploy our system into two real network environments besides using two datasets. Experimental results indicate that our system can achieve a stable filtration accuracy of over 95%, offering a significant improvement as compared with the state-of-the-art algorithms.
URI: http://hdl.handle.net/10397/61457
ISSN: 0167-4048
DOI: 10.1016/j.cose.2016.04.007
Appears in Collections: Journal/Magazine Article

Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.