Since it is impossible to predict and identify all the vulnerabilities of a network beforehand, and penetration into a system by malicious intruders cannot always be prevented, intrusion detection systems (IDSs) are essential entities to ensure the security of a networked system. To be effective in carrying out their functions, the IDSs need to be accurate, adaptive, and extensible. Given these...

When an attacker tries to penetrate the network, there are many defensive systems, including intrusion detection systems (IDSs). Most IDSs are capable of detecting many attacks, but can not provide a clear idea to the analyst because of the huge number of false alerts generated by these systems. This weakness in the IDS has led to the emergence of many methods in which to deal with these alerts...

Over the last fifteen years the world has experienced a wide variety of computer threats and general computer security problems. As communication advances and information management systems become more and more powerful and distributed, organizations are becoming increasingly vulnerable to potential security threats such as intrusions at all levels of Information Communication Technology (ICT)....

The intrusion detection systems (IDSs) have attracted more researchers from last two decades. The much more work has been done in IDS. But still, there are some problems remain unsolved like false positive rate and detection accuracy. The various approaches are used in developing IDS; some of these are data mining, machine learning, statistic-based, and rule-based approaches. In this paper, we ...

Intrusion-detection systems (IDSs) aim at detecting attacks against information systems. Most intrusiondetection systems currently rely on some type of centralized processing to analyze the data necessary to detect an intruder in real time. A centralized approach can be vulnerable to attack (e.g., Denial of Service). Additionally many of these systems depends on analyzing the log files and pack...

Intrusion detection systems (IDSs) have become a widely used measure for security, but we still have a problem on those systems results which includes many irrelevant alerts, so we will propose a data mining based method for classification to distinguish serious alerts and irrelevant one with the performance of 99.9 % in comparison with the other recent data mining methods which have reached th...

Computer systems vulnerabilities such as software bugs are often exploited by malicious users to intrude into information systems. With the recent growth of the Internet such security limitations are becoming more and more pressing. One commonly used defense measure against such malicious attacks in the Internet are Intrusion Detection Systems (IDSs). Due to increasing incidents of cyber attack...

As it is well known, some Intrusion Detection Systems (IDSs) suffer from high rates of false positives and negatives. A mutation technique is proposed in this study to test and evaluate the performance of a full range of classifier ensembles for Network Intrusion Detection when trying to recognize new attacks. The novel technique applies mutant operators that randomly modify the features of the...

Cloud computing provides infrastructure to the enterprise through the Internet allowing access to cloud services at anytime and anywhere. This pervasive aspect of the services, the distributed nature of data and the wide use of information make cloud computing vulnerable to intrusions that violate the security of the cloud. This requires the use of security mechanisms to detect malicious behavi...

In addition to preventive mechanisms intrusion detection systems (IDS) are an important instrument to protect computer systems. Most IDSs used today realize the misuse detection approach. These systems analyze monitored events for occurrences of defined patterns (signatures), which indicate security violations. Up to now only little attention has been paid to the analysis efficiency of these sy...