We present Poseidon, a new anomaly based intrusion detection system. Poseidon is payload-based, and presents a two-tier architecture: the first stage consists of a Self-Organizing Map, while the second one is a modified PAYL system [22]. Our benchmarks on the 1999 DARPA data set [15] show a higher detection rate and lower number of false positives than PAYL and PHAD.

In this article, we proposed an inner intrusion detection system, named Cumulative-Sum-based Inner Intrusion Detection System (CSIIDS), which detects inner malicious behaviors, launched toward local servers/hosts by other local hosts. Detection is performed based on Cumulative Sum (CUSUM) algorithm. Experimental results show that CSIIDSs can carry out a higher security level for the protected n...

As Mobile ad-hoc network (MANET) has become a very important technology the security problem, especially, intrusion detection technique research has attracted many people’s effort. MANET is more vulnerable than wired network and suffers intrusion like wired network. This paper investigated some intrusion detection techniques using machine learning and proposed a profile based neighbor monitorin...

Traditional network-based intrusion detection systems using deep packet inspection are not feasible for modern high-speed networks due to slow processing and inability to read encrypted packet content. As an alternative to packetbased intrusion detection, researchers have focused on flow-based intrusion detection techniques. Flow-based intrusion detection systems analyze IP flow records for att...

Nowadays the organizations are facing the number of threats every day in the form of viruses and attack etc. Since many different mechanisms were preferred by organizations in the form of intrusion detection and prevention system to protect its organizations from these kinds of attacks. Intrusion Detection System (IDS) is considered as a system integrated with intelligent subsystems. In this pa...

Intrusion Detection Based On Artificial Intelligence Technique proposed for the development in the field of intrusion detection using artificial intelligence

In this paper, we present a new learning algorithm for anomaly based network intrusion detection using improved self adaptive naïve Bayesian tree (NBTree), which induces a hybrid of decision tree and naïve Bayesian classifier. The proposed approach scales up the balance detections for different attack types and keeps the false positives at acceptable level in intrusion detection. In complex and...

The network traffic data provided for the design of intrusion detection always are large with ineffective information and enclose limited and ambiguous information about users’ activities. We study the problems and propose a two phases approach in our intrusion detection design. In the first phase, we develop a correlation-based feature selection algorithm to remove the worthless information fr...

Security of networks controlling smart grids is an important subject. The shift of the power grid towards a smart grid results in more distributed control functions, while intrusion detection of the control network mostly remains centrally based. Moreover, existing local (host-based) intrusion detection systems do not yet take into account the physical process itself. Therefore, this work propo...

We embark into theoretical approaches for the investigation of intrusion detection schemes. Our main motivation is to provide rigorous security requirements for intrusion detection systems that can be used by designers of such systems. Our model captures and generalizes well-known methodologies in the intrusion detection area, such as anomaly-based and signature-based intrusion detection, and f...