False Alert Detection Based on Deep Learning and Machine Learning

Among the large number of network attack alerts generated every day, actual security incidents are usually overwhelmed by a large number of redundant alerts. Therefore, how to remove these redundant alerts in real time and improve the quality of alerts is an urgent problem to be solved in large-scale network security protection. This paper uses the method of combining machine learning and deep learning to improve the effect of false alarm detection and then more accurately identify real alarms, that is, in the process of training the model, the features of a hidden layer output of the DNN model are used as input to train the machine learning model. In order to verify the proposed method, the authors use the marked alert data to do classification experiments and finally use the accuracy recall rate, precision, and F1 value to evaluate the model. Good results have been obtained.