An incremental intrusion detection model using alarms correlation

Document Type : Research Paper


Department of Management and Economics, Science and Research Branch, Islamic Azad University, Tehran, Iran


Today, intrusion detection systems are extremely important in securing computers and computer networks. Correlated systems are next to intrusion detection systems by analyzing and combining the alarms received from them, appropriate reports for review and producing security measures. One of the problems faced by intrusion detection systems is generating a large volume of false alarms, so one of the most important issues in correlated systems is to check the alerts received by the intrusion detection system to distinguish true-positive alarms from false-positive alarms. The main focus of this research is on the applied optimization of classification methods to reduce the cost of organizations and security 
expert time in alert checking. The proposed intrusion detection model using correlation(IIDMC) is tested on a valid test dataset and the results show the efficiency of the proposed model and consequently its high accuracy.


Articles in Press, Accepted Manuscript
Available Online from 28 August 2021
  • Receive Date: 08 April 2021
  • Revise Date: 26 July 2021
  • Accept Date: 18 August 2021