This chapter explores the general problem of the poorly detected attacks with Intrusion Detection Systems. The poorly detected attacks reveal the fact that they are characterized by features that do not discriminate them much. The poor performance of the detectors has been improved by discriminative training of anomaly detectors and incorporating additional rules into the misuse detector. This ...

Intrusion Detection Systems (IDSs) have been increasingly used in organizations, in addition to other security mechanisms, to detect intrusions to systems and networks. In the recent years several IDSs have been released, but (a) the high number of false alarms generated, (b) the lack of a high-level notation for attack signature specification, and (c) the difficulty to integrate IDSs with exis...

Signature-based intrusion detection systems (IDSs) have been widely deployed in network environments aiming to defend against different kinds of attacks. However, a large number of alarms, especially noncritical alarms could be generated during the detection, which can greatly lower the effectiveness of detection and increase the difficulty in analyzing the generated IDS alarms. The main reason...

Intrusion is something which is unsolicited activity and which might be used to interrupt the functions of wireless network. If we talk about wireless networks, having centralized monitoring policy; therefore it is very much easy to detect and eliminate intrusions efficiently. But when we look forward to wireless scenario, especially in the multi hop wireless network, intrusion activities are m...

Anomaly detection systems, also known as intrusion detection systems (IDSs), continuously monitor network traffic aiming to identify malicious actions. Extensive research has been conducted to build efficient IDSs emphasizing two essential characteristics. The first is concerned with finding optimal feature selection, while another deals with employing robust classification schemes. However, th...

Intrusion Detection in Mobile Ad Hoc Networks. (May 2004) Bo Sun, B.S., Nanjing University of Posts & Telecommunications; M.S., Beijing University of Posts & Telecommunications Chair of Advisory Committee: Dr. Udo W. Pooch Most existent protocols, applications and services for Mobile Ad Hoc NETworks (MANETs) assume a cooperative and friendly network environment and do not accommodate security. ...

Connected vehicles form a self-organized network without a priori fixed infrastructure. However, due to the lack of centralization, they are vulnerable to security attacks, and in order provide security against malicious attacks, Intrusion Detection Systems (IDSs) are being developed for major protection. In this paper, we propose a new scheme for IDSs based on neural networks, which is the Sel...

In recent years, mobile ad hoc networks (MANET) have become an interesting research area. This type of networks have a salient characteristics compare with wired networks which are more vulnerable. Nowadays, for the network security, defend in depth strategies are used. One of them is intrusion detection system (IDS). Many intrusion detection techniques developed for weird networks however, bec...

Security and Intrusion detection in 802.11 networks is currently an active area of research where WiFi specific Data Link layer attacks are an area of focus. While these attacks are very simple in implementation, their effect on WiFi networks can be devastating. Recent research has focused on producing machine learning based IDSs for these attacks. Such IDSs have shown promise. Our work investi...

The Controller Area Network (CAN) is the most widely used in-vehicle communication protocol, which still lacks implementation of suitable security mechanisms such as message authentication and encryption. This makes CAN bus vulnerable to numerous cyber attacks. Various Intrusion Detection Systems (IDSs) have been developed detect these However, high generalization capabilities Artificial Intell...