Growing Hierarchical Self-Organizing Map for Filtering Intrusion Detection Alarms

I
ISPAN
2008
The International Symposium on Parallel Architectures, Algorithms, and Networks (i-span 2008)
Abstract - Growing Hierarchical Self-Organizing Map for Filtering Intrusion Detection Alarms

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Maya Shehab Articles by Nashat Mansour Articles by Ahmad Faour

The International Symposium on Parallel Architectures, Algorithms, and Networks (i-span 2008)

May 07-May 09

ISBN: 978-0-7695-3125-0

	ASCII Text	x
	Maya Shehab, Nashat Mansour, Ahmad Faour, "Growing Hierarchical Self-Organizing Map for Filtering Intrusion Detection Alarms," Parallel Architectures, Algorithms, and Networks, International Symposium on, pp. 167-172, The International Symposium on Parallel Architectures, Algorithms, and Networks (i-span 2008), 2008.

	BibTex	x
	@article{ 10.1109/I-SPAN.2008.42, author = {Maya Shehab and Nashat Mansour and Ahmad Faour}, title = {Growing Hierarchical Self-Organizing Map for Filtering Intrusion Detection Alarms}, journal ={Parallel Architectures, Algorithms, and Networks, International Symposium on}, volume = {0}, year = {2008}, isbn = {978-0-7695-3125-0}, pages = {167-172}, doi = {http://doi.ieeecomputersociety.org/10.1109/I-SPAN.2008.42}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Parallel Architectures, Algorithms, and Networks, International Symposium on TI - Growing Hierarchical Self-Organizing Map for Filtering Intrusion Detection Alarms SN - 978-0-7695-3125-0 SP167 EP172 A1 - Maya Shehab, A1 - Nashat Mansour, A1 - Ahmad Faour, PY - 2008 KW - alarm filtering KW - computer security KW - growing hierarchical self-organizing map KW - intrusion detection KW - self-organizing map VL - 0 JA - Parallel Architectures, Algorithms, and Networks, International Symposium on ER -

Maya Shehab

Nashat Mansour

Ahmad Faour

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/I-SPAN.2008.42

A Network Intrusion Detection System (NIDS) monitors all network actions and generates alarms when it detects suspicious attempts. We present a data mining technique to assist network administrators to analyze and reduce false positive alarms that are produced by a NIDS. Our data mining technique is based on a Growing Hierarchical Self-Organizing Map (GHSOM) that adjusts its architecture during an unsupervised training process according to the characteristics of the input alarm data. GHSOM clusters these alarms in a way that supports network administrators in making decisions about true and false alarms. Our empirical results show that our technique is useful for real-world intrusion data.

Index Terms:

alarm filtering, computer security, growing hierarchical self-organizing map, intrusion detection, self-organizing map

Citation:

Maya Shehab, Nashat Mansour, Ahmad Faour, "Growing Hierarchical Self-Organizing Map for Filtering Intrusion Detection Alarms," ispan, pp.167-172, The International Symposium on Parallel Architectures, Algorithms, and Networks (i-span 2008), 2008

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.