An intruder may target the ID scheme first in order to facilitate further malicious activities. For an intrusion-detection system that is operating in real time, an intruder could be exposed if they were simply to disable the IDS, a denial-of-service attack. A corrupted intrusion-detection system, however, might report erroneous information or fail to identify an attack. The consequences could ...

Network intrusion detection is the problem of detecting anomalous network connections caused by intrusive activities. Many intrusion detection systems proposed before use both normal and intrusion data to build their classifiers. However, intrusion data are usually scarce and difficult to collect. We propose to solve this problem using a novelty detection approach. In particular, we propose to ...

Mobile Ad Hoc Networks are vulnerable to a variety of network layer attacks such as black hole, grey hole, sleep deprivation & rushing attacks. In this paper we present an intrusion detection & adaptive response mechanism for MANETs that detects a range of attacks and provides an effective response with low network degradation. We consider the deficiencies of a fixed response to an intrusion; a...

This paper presents our statistical based intrusion detection framework for computer networks. This framework uses the six sigma technique to identify the thresholds for the critical network parameters. With the help of raw network data, the thresholds identified are used to differentiate normal, uncertain and abnormal behavior due to network intrusion. This is then used for efficient detection...

Supervisory Control and Data Acquisition (SCADA) systems, which are widely used in monitoring and controlling critical infrastructure sectors, are highly vulnerable to cyber attacks. Current security solutions can protect SCADA systems from known cyber assaults, but most solutions require human intervention. This paper applies autonomic computing technology to monitor SCADA system performance, ...

Intrusion detection systems have proved to be an effective instrument for protecting computer and network resources. In addition to preventive security mechanisms (e.g. authentication, encryption, or access control) they provide an automatic detection of security violations. Some systems are able to reduce arising damage by the automatic execution of intrusion response actions. For host-based s...

An intrusion detection system (IDS) is used to manage network traffic and monitors for suspicious activity and alerts the system or network administrator. One of the major properties of IDS is to respond for anomalous or malicious traffic by taking action such as blocking the user or source IP address from accessing the network. IDS can identify threats in various ways: 1) it detects specific s...

This paper proposes a group of criteria for evaluating Intrusion Detection Systems (IDS for short). In this article, an existing evaluation strategy of intrusion detection system is going to be briefly introduced as a case to be assessed against our proposed criteria. Intrusion Detection Systems are critical components to the primary defence of computer system and network security. An evaluatio...

Intrusion detection is considered to be an effective technique to detect attacks that violate the security policy of systems. There are basically three different kinds of intrusion detection: Anomaly detection, misuse detection and specification-based intrusion detection [MB02]. Specification-based intrusion detection differs from the others by describing the desired functionalities of security...