Growing hierarchical self-organizing map for filtering intrusion detection alarms. (c2007)

LAUR Repository

dc.contributor.author Shehab, Maya
dc.date.accessioned 2011-09-30T07:51:00Z
dc.date.available 2011-09-30T07:51:00Z
dc.date.copyright 2007 en_US
dc.date.issued 2011-09-30
dc.date.submitted 2007-03-03
dc.identifier.uri http://hdl.handle.net/10725/670
dc.description Includes bibliographical references (leaves 71-75). en_US
dc.description.abstract A Network Intrusion Detection System (NIDS) is an alarm system for networks. NIDS monitors all inbound and outbound network actions and generates alarms when it detects suspicious or malicious attempts. A false positive alarm is generated when the NIDS misclassifies a normal action in the network as an attack. We present a data mining technique to assist network administrators in analyzing and reducing false positive alarms that are produced by a NIDS. Our data mining technique is based on a Growing Hierarchical Self-Organizing Map (GHSOM) that adjusts its architecture during an unsupervised training process according to the characteristics of the input alarm data, where no prior information is available about these alarms. GHSOM clusters these alarms in a way that supports network administrators in making decisions about true and false alarms. We compare the effectiveness of our GHSOM-based technique with a recent technique (SOM) using real-world intrusion detection data. The results show that our technique performs better than SOM in terms of reducing false positives from 15% to 4.7% and false negatives from 16% to 4%. en_US
dc.language.iso en en_US
dc.subject Computer networks -- Security measures en_US
dc.subject Electronic alarm systems en_US
dc.subject Computer security en_US
dc.subject Self-organizing systems en_US
dc.title Growing hierarchical self-organizing map for filtering intrusion detection alarms. (c2007) en_US
dc.type Thesis en_US
dc.term.submitted Spring en_US
dc.author.degree MS in Computer Science en_US
dc.author.school Arts and Sciences en_US
dc.author.idnumber 200202197 en_US
dc.author.commembers Dr. Faisal Abu Khzam
dc.author.commembers Dr. Sanaa Sharafeddine
dc.author.woa OA en_US
dc.description.physdesc 1 bound copy: x, 80 leaves; ill.; 30 cm. available at RNL. en_US
dc.author.division Computer Science en_US
dc.author.advisor Dr. Nashaat Mansour
dc.keywords Alarm filtering en_US
dc.keywords Computer security en_US
dc.keywords Growing hierarchical self-organizing map en_US
dc.keywords Intrusion detection en_US
dc.keywords Self-organizing map en_US
dc.identifier.doi https://doi.org/10.26756/th.2007.19 en_US
dc.publisher.institution Lebanese American University en_US
