@inproceedings{375e29f4b4fc46b88d3f4ca731e3c024,
title = "Intrusion detection alert verification based on multi-level fuzzy comprehensive evaluation",
abstract = "Alert verification is a process which compares the information referred by an alert with the configuration and topology information of its target system in order to determine if the alert is relevant to its target system. It can reduce false positive alerts and irrelevant alerts. The paper presents an alert verification approach based on multi-level fuzzy comprehensive evaluation. It is effective in achieving false alert and irrelevant alerts reduction, which have been proved by our experiments. The algorithm can deal with the uncertainties better than other alert verification approaches. The relevance score vectors obtained from the algorithm facilitate the formulation of fine and flexible security policies, and further alert processing.",
author = "Chengpo Mu and Houkuan Huang and Shengfeng Tian",
year = "2005",
doi = "10.1007/11596448\_2",
language = "English",
isbn = "3540308180",
series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",
pages = "9--16",
booktitle = "Computational Intelligence and Security - International Conference, CIS 2005, Proceedings",
note = "International Conference on Computational Intelligence and Security, CIS 2005 ; Conference date: 15-12-2005 Through 19-12-2005",
}