Information security and Intrusion Detection System (IDS) plays a critical role in the Internet. IDS is an essential tool for detecting different kinds of attacks in a network and maintaining data integrity, confidentiality and system availability against possible threats. In this paper, a hybrid approach towards achieving high performance is proposed. In fact, the important goal of this paper ...

In this paper, we present an effective intrusion response engine combined with intrusion detection in ad hoc networks. The intrusion response engine is composed of a secure communication module, a local and a global response module. Its function is based on an innovative tree-based key agreement protocol while the intrusion detection engine is based on a class of neural networks called eSOM. Th...

Eight sites participated in the second DARPA off-line intrusion detection evaluation in 1999. A test bed generated live background traffic similar to that on a government site containing hundreds of users on thousands of hosts. More than 200 instances of 58 attack types were launched against victim UNIX and Windows NT hosts in three weeks of training data and two weeks of test data. False alarm...

Network based distributed intrusion detection is a common trend in several commercial intrusion detection systems. However, network based intrusion detection requires that a security officer comprehends the dynamic and non-deterministic nature of data traffic across the network. This paper provides security officers with a brief introduction to intrusion detection techniques and classifications...

Due to the rapid growth of networked computer resources and the increasing importance of related applications, intrusions which threaten the infrastructure of these applications have are critical problems. In recent years, several intrusion detection systems designed to identify and detect possible intrusion behaviors. In this work, an intrusion detection model is proposed to for building an in...

Distributed intrusion detection systems (IDS) have many advantages such as scalability, subversion resistance, and graceful service degradation. However, there are some impediments when they are implemented. The mobile agent (MA) technology is of many features to suit the implementation of distributed IDS. In this paper, we propose a novel architecture _•• MA·IDS with MA technology for distribu...

With the rapid growth of computer networks during the past few years, security has become a crucial issue for modern computer systems. A good way to detect illegitimate use is through monitoring unusual user activity. This can be achieved with an Intrusion Detection System, which identifies attacks and reacts by generating alerts or by blocking the unwanted data/traffic. These systems are mainl...

Computer systems and networks suffer due to rapid increase of attacks, and in order to keep them safe from malicious activities or policy violations, there is need for effective security monitoring systems, such as Intrusion Detection Systems (IDS). Many researchers concentrate their efforts on this area using different approaches to build reliable intrusion detection systems. Flow-based intrus...

Performance evaluation of Network Intrusion Detection Systems (NIDS) has been carried out to identify its limitations in high speed environment. This has been done by employing evasive and avoidance strategies simulating real-life normal and attack traffic flows on a sophisticated Test-Bench. Snort, an open source Intrusion Detection System, has been selected as an evaluation platform. In this ...