Revising the Outputs of a Decision Tree with Expert Knowledge: Application to Intrusion Detection and Alert Correlation.
Salem Benferhat, Abdelhamid Boudjelida, Karim Tabia
Published in: ICTAI (2012)
Keyphrases
- intrusion detection
- alert correlation
- expert knowledge
- intrusion detection system
- anomaly detection
- decision trees
- network traffic
- network security
- network intrusion detection
- domain knowledge
- expert systems
- detecting anomalous
- network intrusion
- network intrusions
- computer security
- information security
- fuzzy logic
- high detection rate
- prior knowledge
- data mining
- cyber security
- machine learning
- bayesian networks
- metadata
- intrusion detection and prevention
- monitoring system
- domain experts
- principal component analysis
- data sources
- training set
- attack graph
- attack scenarios
- genetic algorithm
- intrusion prevention