Mobile ad hoc networks and wireless sensor networks have promised a wide variety of applications. However, they are often deployed in potentially adverse or even hostile environments. Therefore, they cannot be readily deployed without first addressing security challenges. Intrusion detection systems provide a necessary layer of indepth protection for wired networks. However, relatively little r...

Recent reports show that the loss from the malicious intrusion by insiders is more serious than by outsiders. Despite that the various attacks are occurred by insiders and outsiders, most work has been focused on the intrusion detection against outsider attacks. In this paper, we improve the Wang et al.’s insider predection model [15] and propose the combined model with access control for the e...

Network intrusion detection is the problem of detecting anomalous network connections caused by intrusive activities. Many intrusion detection systems proposed before use both normal and intrusion data to build their classifiers. However, intrusion data are usually scarce and difficult to collect. We propose to solve this problem using a novelty detection approach. In particular, we propose to ...

In The extensive growth of computing networks and tools and tricks for intruding into and attacking networks has underscored the importance of intrusion detection in network security. Yet, contemporary intrusion detection systems (IDS) are limiting in that they typically employ a misuse detection strategy, with searches for patterns of program or user behavior that match known intrusion scenari...

This paper presents techniques to integrate and reason about complementary intrusion evidence such as intrusion alerts generated by intrusion detection systems (IDSs) and reports by system monitoring or vulnerability scanning tools. To facilitate the modeling of intrusion evidence, this paper classifies intrusion evidence into either event-based evidence or state-based evidence. Event-based evi...

Intrusion Detection is the problem of identifying unauthorized use, misuse, and abuse of computer systems by both system insiders and external intruders. Intrusion Detection Systems provide in depth packet analysis and application awareness and can be deployed for discovering network attacks. In this scenario a system that gives intelligence about the traffic on your network is necessary. This ...

In recent years, cost-sensitive intrusion response has gained significant interest mainly due to its emphasis on the balance between potential damage incurred by the intrusion and cost of the response. However, one of the challenges in applying this approach is defining consistent and adaptable measurements of these cost factors on the basis of requirements and policy of the system being protec...

A Swarm-intelligence-based intrusion detection technique is proposed to in order to reduce the misjudgment & misdetection and increase the real-time response in the existing intrusion detection techniques show. Separating a huge and complicated intrusion detection system into severer independent detection units with unique function so that the amount of detection data processing and the complex...

Cyber attack is one of the most rapidly growing threats to the world of cutting edge information technology. As new tools and techniques are emerging everyday to make information accessible over the Internet, so is their vulnerabilities. Cyber defense is inevitable in order to ensure reliable and secure communication and transmission of information. Intrusion Detection System (IDS) and Intrusio...

Traditional Intrusion Detection Systems (IDSs) mostly work off-line, without any direct runtime interaction or coordination with the applications (and with other IDSs) that they aim to protect. Including intrusion detection and response in the repertoire of an adaptive application extends its range of adaptivity and increases its chances for survival. In this paper we show how intrusion detecti...