Using Learning Vector Quantization in Alert Management of Intrusion Detection System

Intrusion detection system (IDS) is used to produce security alerts to discover attacks againstprotected network and/or computer systems. IDSs generate high amount of security alerts andanalyzing these alert by a security expert are time consuming and error pron. IDS alertmanagement system are used to manage generated alerts and classify true positive and falsepositives alert. This paper represents an IDS alert management system that uses learning vectorquantization technique to classify generated alerts. Because of low classification time per eachalert, the system also could be used in active alert management systems.