Intrusion detection is a new, retrofit approach for providing a sense of security in existing computers and data networks, while allowing them to operate in their current "open" mode. The goal of intrusion detection is to identify unauthorized use, misuse, and abuse of computer systems by both system insiders and external penetrators. The intrusion detection problem is becoming a challenging task due to the proliferation of heterogeneous computer networks, since the increased connectivity of computer systems gives greater access to outsiders and makes it easier for intruders to avoid identification. Intrusion detection systems (IDSs) are based on the beliefs that an intruder's behavior will be noticeably different from that of a legitimate user and that many unauthorized actions are detectable. Typically, IDSs employ statistical anomaly and rule-based misuse models in order to detect intrusions. A number of prototype IDSs have been developed at several institutions, and some of them have also been deployed on an experimental basis in operational systems. In the present paper, several host-based and network-based IDSs are surveyed, and the characteristics of the corresponding systems are identified. The host-based systems employ the host operating system's audit trails as the main source of input to detect intrusive activity, while most of the network-based IDSs build their detection mechanism on monitored network traffic, and some employ host audit trails as well. An outline of a statistical anomaly detection algorithm employed in a typical IDS is also included.