Data processing: artificial intelligence – Knowledge processing system – Knowledge representation and reasoning technique
Reexamination Certificate
2011-08-02
Holmes, Michael (Department: 2129)
active
07991726
ABSTRACT:
A system and method for analyzing Intrusion Detection System (IDS) alert data associated with a computer network is described. The method includes applying first association rules to obtained IDS alert data associated with a computer network and processing the obtained IDS alert data with the first association rules. Analyst feedback data associated with the processed obtained IDS alert data is received, and a training data set from the analyst feedback data is received. New association rules are determined based upon the training data set, and the new association rules are outputted to a display of a computing device. Outputting the new association rules may include outputting patterns within the IDS alert data of false positive alerts. The new association rules may be applied back to the obtained IDS alert data.
REFERENCES:
patent: 7181768 (2007-02-01), Ghosh et al.
patent: 7274332 (2007-09-01), Dupray
patent: 7295831 (2007-11-01), Coleman et al.
patent: 7525484 (2009-04-01), Dupray et al.
patent: 7661032 (2010-02-01), Eberbach et al.
patent: 7714778 (2010-05-01), Dupray
patent: 7739211 (2010-06-01), Coffman et al.
patent: 7764231 (2010-07-01), Karr et al.
patent: 7812766 (2010-10-01), Leblanc et al.
patent: 7827447 (2010-11-01), Eberbach et al.
patent: 7903029 (2011-03-01), Dupray
patent: 2002/0161763 (2002-10-01), Ye et al.
patent: 2007/0061882 (2007-03-01), Mukhopadhyay et al.
patent: 2007/0150954 (2007-06-01), Shon
Testing of detection systems, Leach, G.; Security Technology, 1995. Proceedings. Institute of Electrical and Electronics Engineers 29th Annual 1995 International Carnahan Conference on Digital Object Identifier: 10.1109/CCST.1995.524741 Publication Year: 1995, pp. 104-109.
Using Outlier Detection to Reduce False Positives in Intrusion Detection, Fu Xiao; Xie Li; Network and Parallel Computing, 2008. NPC 2008. IFIP International Conference on Digital Object Identifier: 10.1109/NPC.2008.26 Publication Year: 2008, pp. 26-33.
Intelligent query in intrusion detection audit system, Fei Gao; Qiang Xue; Ji-Zhou Sun; Machine Learning and Cybernetics, 2003 International Conference on vol. 4 Digital Object Identifier: 10.1109/ICMLC.2003.1259874 Publication Year: 2003, pp. 2212-2216 vol. 4.
An Incremental Updating Algorithm for Online Mining Association Rules, Jia Yubo; Duan Yuntao; Wang Yongli; Web Information Systems and Mining, 2009. WISM 2009. International Conference on Digital Object Identifier: 10.1109/WISM 2009.37 Publication Year: 2009, pp. 144-148.
Catlett Sean Kenric
Zhou Mian
Bank of America Corporation
Banner & Witcoff, Ltd.
Holmes Michael
Springs Michael
Profile ID: LFUS-PAI-O-2718234