Modern computer networks are subject to various malicious attacks. Since attacks are becoming more sophisticated and networks are becoming larger there is a need for an efficient intrusion detection systems (IDSs) that can distinguish between legitimate and illegitimate traffic and be able to signal attacks in real time, before serious damages are produced. In this paper we use linear support v...

Intrusion Detection Systems (IDSs) attempt to identify unauthorized use, misuse, and abuse of computer systems. In response to the growth in the use and development of IDSs, we have developed a methodology for testing IDSs. The methodology consists of techniques from the eld of software testing which we have adapted for the speciic purpose of testing IDSs. In this paper, we identify a set of ge...

Model: Treat IDS as a black box Intrusion detection capability CID = I(X ;Y ) H(X) ): How much (normalized) ground truth information an IDS can identify [Gu et al. ASIACCS’06] take into account all aspects of detection capability an intrinsic measure of intrusion detection capability an objective trade-off between FP and FN (without involving subjective cost) yields a series of related informat...

An insider threat is a menace to computer security as a result of unauthorized system misuse by users of an organization. A recent study jointly published by the United States Secret Service and Carnegie Mellon University [7] confirms the prevalence of computer crimes perpetrated by insiders across America’s organizations. Insider attacks can be more destructive and costly than attacks from the...

The intrusion detection systems (IDS) are usually designed to work on local networks. However, with the development of mobile networks and their applications, it became necessary to develop new architectures for IDSs to act on these networks in order to detect problems and ensure the correct operation of data communications and its applications. This paper presents a distributed IDS model for m...

* Corresponding author. This work is supported by the National Natural Science Foundation of China under Grant 60303012 Abstract: In recent years, intrusion detection has emerged as an important technique for network security. Due to the large volumes of security audit data as well as complex and dynamic properties of intrusion behaviors, to optimize the performance of intrusion detection syste...

The IT infrastructure of today needs to be ready to defend against massive cyber-attacks which often originate from distributed attackers such as Botnets. Most Intrusion Detection Systems (IDSs), nonetheless, are still working in isolation and cannot effectively detect distributed attacks. Collaborative IDSs (CIDSs) have been proposed as a collaborative defense against the ever more sophisticat...

Intrusion Detection Systems (IDSs) attempt to identify unauthorized use, misuse, and abuse of computer systems. In response to the growth in the use and development of IDSs, we have developed a methodology for testing IDSs. The methodology consists of techniques from the eld of software testing which we have adapted for the speci c purpose of testing IDSs. In this paper, we identify a set of ge...

Intrusion detection systems (IDSs) have been widely used to overcome security threats in computer networks. Anomaly-based approaches have the advantage of being able to detect previously unknown attacks, but they suffer from the difficulty of building robust models of acceptable behaviour which may result in a large number of false alarms caused by incorrect classification of events in current ...

This paper is focused on detecting and analyzing the Distributed Denial of Service (DDoS) attacks in cloud computing environments. This type of attacks is often the source of cloud services disruptions. Our solution is to combine the evidences obtained from Intrusion Detection Systems (IDSs) deployed in the virtual machines (VMs) of the cloud systems with a data fusion methodology in the front-...