Ad hoc networks have received great attention in recent years, mainly due to their important advantages and their growing demand. Nevertheless, ad hoc networks present many inherent vulnerabilities and demand efficient security mechanisms in order to be safeguarded. An efficient intrusion detection approach combined with an authenticated intrusion response can act as an effective line of defens...

Intrusion detection system (IDS) is the process of monitoring events occurring in a computer or network and analyzing them for signs possible incidents, which are violations imminent threats violation security policies. An intrusion prevention (IPS) software that has all capabilities an can also attempt to stop incidents. If anomaly traffic pass through IDS would generate false positive means i...

This chapter provides the overview of the state of the art in intrusion detection research. Intrusion detection systems are software and/or hardware components that monitor computer systems and analyze events occurring in them for signs of intrusions. Due to widespread diversity and complexity of computer infrastructures, it is difficult to provide a completely secure computer system. Therefore...

Cyber threats are serious concerns for power systems. For example, hackers may attack power control systems via interconnected enterprise networks. This paper proposes a risk assessment framework to enhance the resilience of power systems against cyber attacks. The duality element relative fuzzy evaluation method is employed to evaluate identified security vulnerabilities within cyber systems o...

To improve the measuring accuracy of intrusion detection, a system design of a node for intrusion detection is proposed in this paper. First, the technology that applies the traditional intrusion detection method, such as anomaly detection and misuse detection, into P2P networks is presented. Next, to build the trust relationship among the nodes, and realize the cooperation mechanism of data de...

In this paper we present a new method to process sequences of system calls for anomaly intrusion detection. The key idea is to build a multi-layer model of program behaviours based on both hidden Markov models and enumerating methods for anomaly intrusion detection, which differs from the conventional single layer approach. Our experiments on Unix sendmail program have shown that the model is b...

Network-based intrusion has become a serious threat to today’s highly networked information systems, existing intrusion defense approaches such as intrusion prevention, detection, tolerance and response are “passive” in response to network-based intrusions in that their countermeasures are limited to being local to the intrusion target and there is no automated, network-wide counteraction again...

In recent years, wireless sensor network becomes popular both in civil and military jobs. However, security is one of the significant challenges for sensor network because of their deployment in open and unprotected environment. As cryptographic mechanism is not enough to protect sensor network from external attacks, intrusion detection system (IDS) needs to be introduced. In this paper we prop...