Review Article: RePIDS: A multi tier Real-time Payload-based Intrusion Detection System
TLDR
A novel Real-time Payload-based Intrusion Detection System (RePIDS) that integrates a 3-Tier IFSEng and the MDM approach is proposed that achieves better performance and lower computational complexity when compared against two state-of-the-art payload-based intrusion detection systems.
About:
This article is published in Computer Networks. The article was published on 2013-02-01 and is currently open access. It has received 81 citations till now. The article focuses on the topics: Intrusion detection system & Anomaly detection.
Citations
Journal Article
A System for Denial-of-Service Attack Detection Based on Multivariate Correlation Analysis
TL;DR: A DoS attack detection system that uses multivariate correlation analysis (MCA) for accurate network traffic characterization by extracting the geometrical correlations between network traffic features by learning the patterns of legitimate network traffic only is presented.
Data preprocessing for anomaly based network intrusion detection : a review
Jonathan J. Davis, Andrew Clark +1 more
TL;DR: The review finds that many NIDS limit their view of network traffic to the TCP/IP packet headers, and shows a trend toward deeper packet inspection to construct more relevant features through targeted content parsing.
Journal Article
Novel Geometric Area Analysis Technique for Anomaly Detection Using Trapezoidal Area Estimation on Large-Scale Networks
TL;DR: A novel Geometric Area Analysis technique based on Trapezoidal Area Estimation (TAE) for each observation computed from the parameters of the Beta Mixture Model (BMM) for features and the distances between observations achieves a higher detection rate and lower FPR with a lower processing time than other competing methods.
Journal Article
Detection of Denial-of-Service Attacks Based on Computer Vision Techniques
TL;DR: This work presents a proposed EMD-based detection system, which is developed based on a widely used dissimilarity measure, namely Earth Mover's Distance (EMD), that can detect unknown DoS attacks and achieves 99.95 percent detection accuracy on KDD Cup 99 dataset and 90.12 percent on ISCX 2012 IDS evaluation dataset.
Journal Article
Toward a reliable anomaly-based intrusion detection in real-world environments
TL;DR: A new method for creating intrusion databases that is easy to update and reproduce with real and valid traffic, representative, and publicly available is presented and the results show that most of the assumptions frequently applied in studies in the literature do not hold when using a machine learning detection scheme for network-based intrusion detection.
References
Reference Entry
Principal Component Analysis
TL;DR: Principal component analysis (PCA) as discussed by the authors replaces the p original variables by a smaller number, q, of derived variables, the principal components, which are linear combinations of the original variables.
Journal Article
The scree test for the number of factors
TL;DR: The scree test for the number of factors was first proposed in 1966 and has been used extensively in the field of behavioral analysis since then.
Journal Article
An Intrusion-Detection Model
TL;DR: A model of a real-time intrusion-detection expert system capable of detecting break-ins, penetrations, and other forms of computer abuse is described, based on the hypothesis that security violations can be detected by monitoring a system's audit records for abnormal patterns of system usage.
Journal Article
Anomaly-based network intrusion detection: Techniques, systems and challenges
TL;DR: The main challenges to be dealt with for the wide scale deployment of anomaly-based intrusion detectors, with special emphasis on assessment issues are outlined.
Journal Article
An overview of anomaly detection techniques: Existing solutions and latest technological trends
Animesh Patcha, Jung-Min Park +1 more
TL;DR: This paper provides a comprehensive survey of anomaly detection systems and hybrid intrusion detection systems of the recent past and present and discusses recent technological trends in anomaly detection and identifies open problems and challenges in this area.