Question: Problem: Intrusion Detection Systems (IDS) are notorious for requiring extensive adjustment and tailoring for each specific network they are deployed on. Efforts are needed to

Problem: Intrusion Detection Systems (IDS) are notorious for requiring extensive adjustment and tailoring for each specific network they are deployed on. Efforts are needed to reduce the large number of false positives that many signatures can generate. Analysts must spend a lot of time assessing alerts to determine whether or not they are true positives and, if so, whether or not they are also severe enough to warrant acting on those alerts. Signatures that generate too many false positives are often simply turned off to avoid the distractions and noise they generate. This leaves systems open to possible hidden attack vectors. Can we instead combine multiple weak, high-false-positive signatures to generate high value, low-false-positive strong indicators? Can we incorporate other knowledge to further reduce false positives, and point analysts to the events they truly need to focus on? Can we do this at scale, without requiring analysts to manually define the correlations? This project involves use of machine learning techniques to improve intrusion detection.

This is the problem. Write a literature review and include cited sources.

Step by Step Solution

There are 3 Steps involved in it

1 Expert Approved Answer

Step: 1 Unlock blur-text-image

Question Has Been Solved by an Expert!

Get step-by-step solutions from verified subject matter experts

Step: 2 Unlock

Step: 3 Unlock

Students Have Also Explored These Related Databases Questions!

Describe the types of cybercrimes facing organizations and critical infrastructures, explain the motives of cybercriminals, and evaluate the financial Explain both low-tech and high-tech methods...

WINTER 2010 V O L . 5 1 N O. 2 Steven A. Melnyk, Edward W. Davis, Robert E. Spekman and Joseph Sandor Outcome-Driven Supply Chains REPRINT NUMBER 51221 S U P P L Y C H A I N : M A N A G I N G F O R M...

Put together 10-20 slide presentation with recorded audio that demonstrates how you would present and deliver your capstone project to your intended audience. Your presentation should be persuasive,...

# ( Health Care Information Systems: A Practical Approach for Health Care Management, 3rd Edition PREV NEXT Chapter 17: Asses... ' " Appendixes CHAPTER 18 Health IT Leadership A Compendium of Case...

1. Describe the communication process. 2. Understand the importance of feedback in the communication process. 3. Understand various verbal and nonverbal methods of communication. 4. Understand the...

Using the Annual Report of your selected company answer the following questions in the Discussion: What is the value of the company's inventory at year end? What was the amount of cost of goods sold...

CHAPTER 14 The Massive Waterborne Outbreak ofCryptosporidium Infections, Milwaukee, Wisconsin, 1993 Jeffrey P. Davis, MD Wisconsin, 1993 INTRODUCTION: APRIL 5, 1993 On Monday morning, April 5, Dr....

Case 2-50 Deciphering Financial Statements (Lockheed Martin Corporation) Locate the 2011 financial statements for Lockheed Martin Corporation on the Internet. Reconstruct the company?s adjusted trial...

This attention to real-world concerns requires a comprehensive planning approach. Today, security safeguards generally fall into one of three categories: physical security, information security and...

Canadian Parent Company (Parent) has an accounts receivable of US$100,000 due in 30 days. This amount is reflected on the Parent stand-alone statement of financial position. It happens to be exactly...

You must fill a 16,555 gallon tank in one month with water. If you know that there are 3.8L per gallon, how fast does the water have to be running in liters per hour?

7 In pairs or in a small group, discuss. Sofia, Zara and Arun discuss what to write for this problem. I think of a number, n. I divide by 3, then multiply by 2. What do you think? Make a conjecture...

CT Corp Comprehensive Question Canadian Tire Corporation, Limited (Canadian Tire) is a family of companies that includes a retail segment and a financial services division, among others. The retail...

Using the information gathered in Application Exercise 7, prepare a combination general rsum that could be used with at least three of the advertised positions. Partner with a classmate to proofread...

Technology. Assume you worked for your father at his car dealership while attending school. Because you have limited work experience, you want to include this on your rsum. You have written the...

What content should go in the closing paragraph of an application letter? (Objective 1)