Abstract
An Intrusion Detection System often produces a large number of alerts, of which 90% are useless. This makes it difficult for security administrators to identify real attack alerts. Clustering algorithms such as K-means and DBSCAN can efficiently group similar alerts, greatly reducing the number of alerts that need to be processed. However, the original clustering algorithms have shortcomings; for example, K-means depends heavily on the selection of initial values and easily falls into a local optimum. Therefore, this paper proposes a new alert aggregation method based on the genetic algorithm and the K-means algorithm. We use the Darpa99 dataset to test the performance of our algorithm, and the experimental results show that the algorithm obtains good aggregation results.
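The following is an added illustration, not code from the paper: a genetic algorithm that evolves candidate sets of K-means initial centroids (fitness = within-cluster sum of squared error) and then refines the best candidate with ordinary K-means, applied to a small constructed set of alert feature vectors. The GA design (elitism, one-point crossover, point mutation) and the alert features are assumptions for the example, not the paper's exact method.

```python
import random

# Constructed sample alerts (not Darpa99 data): (src_host, dst_port, sig_id).
ALERTS = [
    (1, 80, 100), (1, 80, 101), (2, 80, 100), (1, 81, 100),         # web-probe-like burst
    (50, 22, 300), (50, 22, 301), (51, 22, 300), (50, 23, 300),     # ssh-login-like burst
    (90, 445, 500), (90, 445, 501), (91, 445, 500), (90, 446, 500), # smb-probe-like burst
]

def dist(a, b):  # squared Euclidean distance between two feature vectors
    return sum((x - y) ** 2 for x, y in zip(a, b))

def assign(points, centroids):  # index of the nearest centroid for each alert
    return [min(range(len(centroids)), key=lambda i: dist(p, centroids[i])) for p in points]

def sse(points, centroids):  # GA fitness: lower total within-cluster error is better
    return sum(dist(p, centroids[i]) for p, i in zip(points, assign(points, centroids)))

def kmeans(points, centroids, iters=10):  # plain Lloyd iterations from a given start
    for _ in range(iters):
        labels = assign(points, centroids)
        new = []
        for i, c in enumerate(centroids):
            members = [p for p, l in zip(points, labels) if l == i]
            new.append(tuple(sum(col) / len(members) for col in zip(*members)) if members else c)
        centroids = new
    return centroids

def ga_kmeans(points, k, pop_size=20, generations=30, seed=0):
    rng = random.Random(seed)
    pop = [rng.sample(points, k) for _ in range(pop_size)]  # individual = k centroids
    for _ in range(generations):
        pop.sort(key=lambda c: sse(points, c))
        elite = pop[: pop_size // 2]                          # keep the fittest half
        children = []
        while len(elite) + len(children) < pop_size:
            a, b = rng.sample(elite, 2)
            cut = rng.randrange(1, k)
            child = a[:cut] + b[cut:]                          # one-point crossover
            if rng.random() < 0.2:
                child[rng.randrange(k)] = rng.choice(points)   # mutation: replace a centroid
            children.append(kmeans(points, child, iters=2))    # short local refinement
        pop = elite + children
    best = kmeans(points, min(pop, key=lambda c: sse(points, c)))
    return best, assign(points, best)

def aggregate(points, labels):  # alerts grouped per cluster: 12 alerts become 3 groups
    groups = {}
    for p, l in zip(points, labels):
        groups.setdefault(l, []).append(p)
    return groups
```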
More From: IOP Conference Series: Materials Science and Engineering