Traditional Intrusion Detection Systems (IDSs) work in isolation from access control for the application the systems aim to protect. The lack of coordination and inter-operation between these components prevents detecting sophisticated attacks and responding to ongoing attacks in real time, before they cause damage. Another disadvantage is a large number of false positives. Reports of attacks c...

The past few years have seen significant increase in cyber attacks on the Internet, resulting in degraded confidence and trusts in the use of the Internet and computer systems. The cyber attacks are becoming more sophisticated, spreading quicker, and causing more damage. Attacks originally exploited the weakness of individual protocols and systems, but now start to target the basic infrastructu...

As the Internet offers increased connectivity between human beings, it has fallen prey to malicious users who exploit its resources to gain illegal access to critical information. In an effort to protect computer networks from external attacks, two common types of Intrusion Detection Systems (IDSs) are often deployed. The first type is signature-based IDSs which can detect intrusions efficientl...

Intrusion detection systems offer a new challenge for intelligent user interfaces research. IDSs commonly identify tens of thousands of alerts that may indicate intrusions over a computer network. In a system that we are currently building, the user constructs hypotheses concerning actual attacks and attempts to verify these hypotheses via knowledge embedded in the system and information extern...

Intrusion Detection Systems (IDSs) are the computer equivalent of office burglar alarms: they aim at monitoring computer networks for detecting attacks and intrusions. IDSs are becoming one of the main security components in secured network environments. Though rewarding, their mission is also challenging and IDSs are facing a few major obstacles. Analyzing these obstacles in order to define th...

Intrusion detection is an indispensable part of a security system. Since new attacks are emerging every day, intrusion detection systems (IDS) play a key role in identifying possible attacks to the system and giving proper responses. IDSs should adapt to these new attacks and attack strategies, and continuously improve. How to develop effective, efficient and adaptive intrusion detection system...

Intrusion is a set of related activities which is performed to provide unauthorized activities such as access to the useful information, file modification etc. It is a set of any actions that attempt to compromise the integrity, confidentiality, or availability of a computer resource. Intrusion Detection Systems (IDS) are used to monitor and detect the probable attempts of such types. An IDS co...

In this paper, we propose an approach for automatic generation of novel intrusion signatures. This approach can be used in the signature-based Network Intrusion Detection Systems (NIDSs) and for the automation of the process of intrusion detection in these systems. In the proposed approach, first, by using several one-class classifiers, the profile of the normal network traffic is established. ...

Due to the advancement in wireless technologies, many of new paradigms have opened for communications. Among these technologies, mobile ad hoc networks play a prominent role for providing communication in many areas because of its independent nature of predefined infrastructure. But in terms of security, these networks are more vulnerable than the conventional networks because firewall and gate...

This chapter explores the general problem of the poorly detected attacks with Intrusion Detection Systems. The poorly detected attacks reveal the fact that they are characterized by features that do not discriminate them much. The poor performance of the detectors has been improved by discriminative training of anomaly detectors and incorporating additional rules into the misuse detector. This ...