An intrusion detection system (IDS) is a security layer that is used to discover ongoing intrusive attacks and anomalous activities in information systems, which means usually working in a dynamically changing environment. Although increasing attention to IDSs is evident in the literature, network security administrators are still faced with the task of analyzing enormous numbers of alerts prod...

Past few years have witnessed a growing recognition of soft computing technologies for the construction of intelligent and reliable intrusion detection systems. Due to increasing incidents of cyber attacks, building effective intrusion detection systems (IDSs) are essential for protecting information systems security, and yet it remains an elusive goal and a great challenge. In this paper, we r...

Intrusion detection systems (IDSs) have become a widely used measure for security systems. The main problem for those systems results is the irrelevant alerts on those results. We will propose a data mining based method for classification to distinguish serious alerts and irrelevant one with a performance of 99.9 % which is better in comparison with the other recent data mining methods that hav...

Several alert correlation methods were proposed in the past several years to construct high-level attack scenarios from low-level intrusion alerts reported by intrusion detection systems (IDSs). These correlation methods have different strengths and limitations; none of them clearly dominate the others. However, all of these methods depend heavily on the underlying IDSs, and perform poorly when...

Until recently, network administrators manually arranged alarms produced by Intrusion Detection Systems (IDSs) to attain a highlevel description of threats. As the number of alarms is increasingly growing, automatic tools for alarm clustering have been proposed to provide such a high level description of the attack scenario. In addition, it has been shown that effective threat analysis require ...

In government and industry, intrusion detection systems (IDSs) are now stan­ dard equipment for large networks. IDSs are software or hardware systems that automate the process of monitor­ ing the events occurring in a computer system or network, analyzing them for signs of security problems. Despite the expansion of IDS technology in recent years, the accuracy, performance, and effectiveness of...

The problem of Internet intrusions has become a world-wide security concern. To protect computer users from malicious attacks, Intrusion Detection Systems (IDSs) are designed to monitor network traffic and computer activities in order to alert users about suspicious intrusions. Collaboration among IDSs allows users to benefit from the collective knowledge and information from their collaborator...

Corresponding Author: Mohsen Kakavand Faculty of Computer Science and Information Technology, University Putra Malaysia, 43400 UPM Serdang, Selangor Darul Ehsan, Malaysia Email: [email protected] Abstract: In contrast to traditional Intrusion Detection Systems (IDSs), data mining anomaly detection methods/techniques has been widely used in the domain of network traffic data for intrusion d...

Mobile Ad Hoc Networks (MANETs) are more vulnerable to different attacks. Prevention methods as cryptographic techniques alone are not sufficient to make them secure; therefore, efficient intrusion detection must be deployed and elaborated to facilitate the identification of attacks. An Intrusion Detection System (IDS) aims to detect malicious and selfish nodes in a network. The intrusion detec...

Networks are up against detecting dynamic and unknown threats. Anomaly-based neural network (NN) intrusion detection systems (IDSs) can manage this if trained and tested accordingly. This requires the IDS to be evaluated on how well it can detect these intrusions. Evaluating NN IDSs can be a complex and difficult task. One needs to be able to measure the convergence rate and performance (detect...