[1] K. Scarfone and M. Peter, "Guide to intrusion detection and prevention systems (IDPS)," NIST Special Publication-800-94, Feb. 2007.

[2] T. Pietraszek, "Using adaptive alert classification to reduce false positive in intrusion detection," Recent Advances in Intrusion Detection, pp. 102-124, 2004.

[3] N. Hubballi and S. Vinoth, "False alarm minimization techniques in signature-based intrusion detection systems: A survey," Computer Communications, vol. 49, pp. 1-17, Aug. 2014.

[4] G. Spathoulas and K. Sokratis, "Methods for post-processing of alerts in intrusion detection: A survey," International Journal of Information Security Science, vol. 2, no. 2, pp. 64-80, June 2013.

[5] R. Sommer and P. Vern, "Enhancing byte-level network intrusion detection signatures with context," Proceedings of the 10th ACM conference on Computer and communications security, ACM, pp. 262-271, Oct. 2003.

[6] S.J. Yang, A. Stotz, J. Holsopple, M. Sudit, and M. Kuhl, "High level information fusion for tracking and projection of multistage cyber attacks," Information Fusion, vol. 10, issue 1, pp. 107-121, Jan. 2009.

[7] E. Raftopoulos and D. Xenofontas, "Detecting, validating and characterizing computer infections in the wild," Proceedings of the 2011 ACM SIGCOMM conference on Internet measurement conference, ACM, pp. 29-44, Nov. 2011.

[8] G. Spathoulas and K. Sokratis, "Enhancing IDS performance through comprehensive alert post-processing," Computers & Security, vol. 37, pp. 176-196, Sep. 2013.

[9] M.S. Shin, E.H. Kim, and K.H. Ryu, "False alarm classification model for network-based intrusion detection system," International Conference on Intelligent Data Engineering and Automated Learning, pp. 259-265, Aug. 2004.

[10] T. Pietraszek and A. Tanner, "Data mining and machine learning-Towards reducing false positives in intrusion detection," Information Security Technical Report, vol. 10, pp. 169-183, 2005.

[11] C. Thomas and N. Balakrishnan, "Performance enhancement of intrusion detection systems using advances in sensor fusion," pp. 1-7, July 2008.

[12] G. Tjhai, S. Furnell, M. Papadaki, and N. Clarke, "A preliminary two-stage alarm correlation and filtering system using SOM neural network and K-means algorithm," Computers & Security, vol. 29, pp. 712-723, Sep. 2010.

[13] S. Benferhat, A. Boudjelida, K. Tabia, and H. Drias, "An intrusion detection and alert correlation approach based on revising probabilistic classifiers using expert knowledge," Applied Intelligence, vol. 38, pp. 520-540, 2013.

[14] N. Hubballi, S. Biswas, and S. Nandi, "Network specific false alarm reduction in intrusion detection system," Security and Communication Networks, vol. 4, pp. 1339-1349, Nov. 2011.

[15] C. Chiu, Y. Lee, C. Chang, W. Luo, and H. Huang, "Semi-supervised learning for false alarm reduction," Industrial conference on data mining, pp. 595-605, 2010.

[16] Y. Meng and L. Kwok, "Adaptive false alarm filter using machine learning in intrusion detection," Practical applications of intelligent systems, pp. 573-584, 2011.

[17] Y. Meng and L. Kwok, "Intrusion detection using disagreement-based semi-supervised learning: detection enhancement and false alarm reduction," Cyberspace Safety and Security, pp. 483-497, 2012.

[18] Y. Meng and L. Kwok, "Enhancing false alarm reduction using pool-based active learning in network intrusion detection," International Conference on Information Security Practice and Experience 2013, pp. 1-15, 2013.

[19] W. Li, W. Meng, X. Luo, and L. Kwok, "MVPSys: Towards practical multi-view based false alarm reduction system in network intrusion detection," Computers & Security, vol. 60, pp. 177-192, 2016.

[20] H. Liang, L. Taihui, X. Nannan, and H. Jiejun, "False positive elimination in intrusion detection based on clustering," 12th International Conference on Fuzzy Systems and Knowledge Discovery (FSKD), pp. 519-523, Aug. 2015.

[21] C.W. Hsu, C.C. Chang, and C.J. Lin, "A practical guide to support vector classification," pp. 1-16, 2003.

[22] T. Alapaholuoma, J. Nieminen, J. Ylinen, T. Seppala, and P. Loula, "A behavior-based method for rationalizing the amount of ids alert data," ICCGI 2012, The Seventh International Multi-Conference on Computing in the Global Information Technology, June 2012.

[23] J.O. Nehinbe, "Automated method for reducing false positives," 2010 International Conference on Intelligent Systems, Modelling and Simulation, pp. 54-59, Jan. 2010.

[24] V. Vapnik, "The nature of statistical learning theory," Springer science & business media, 2013.

[25] C.C. Chang and C.J. Lin, "LIBSVM: a library for support vector machines," ACM transactions on intelligent systems and technology, vol. 2, issue 3, Apr. 2011.