Architecture of distributed intrusion detection system based on anomalies

Authors:
A. Baláž;J. Trelová;M. Kostráb
Affiliations:
Technical University of Košice, Department of Computers and Informatics, Košice, Slovak Republic;Technical University of Košice, Department of Computers and Informatics, Košice, Slovak Republic;Technical University of Košice, Department of Computers and Informatics, Košice, Slovak Republic
Venue:
INES'10 Proceedings of the 14th international conference on Intelligent engineering systems
Year:
2010

Citing 5
Cited 1

Artificial intelligence: a modern approach

Artificial intelligence: a modern approach
Intrusion detection systems and multisensor data fusion

Communications of the ACM
Intrusion detection

Intrusion detection
The base-rate fallacy and the difficulty of intrusion detection

ACM Transactions on Information and System Security (TISSEC)
Using artificial anomalies to detect unknown and known network intrusions

Knowledge and Information Systems

Towards the reduction of data used for the classification of network flows

HAIS'12 Proceedings of the 7th international conference on Hybrid Artificial Intelligent Systems - Volume Part II

Quantified Score

Hi-index	0.00

Visualization

Abstract

The designed architecture of intrusion detection system uses a two-layer hybrid model for detecting intrusions. The system processes network flows in real communication operation and provides processing of these data in real time. First layer consists of detection sensors which provide basic processing of input data based on statistical methods with a direct connection to countermeasure modules. Performance and accuracy of the designed system is ensured with central distributed processing, in which the detection of generalized description of partial ordered events is used, preventing the intrusion itself. By this the attack variability of the same type are provided.