Dissertations / Theses on the topic 'Intrusion Detection System'
Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles
Consult the top 50 dissertations / theses for your research on the topic 'Intrusion Detection System.'
Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.
You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.
Browse dissertations / theses on a wide variety of disciplines and organise your bibliography correctly.
Sainani, Varsha. "Hybrid Layered Intrusion Detection System." Scholarly Repository, 2009. http://scholarlyrepository.miami.edu/oa_theses/44.
Full textMaharjan, Nadim, and Paria Moazzemi. "Telemetry Network Intrusion Detection System." International Foundation for Telemetering, 2012. http://hdl.handle.net/10150/581632.
Full textTelemetry systems are migrating from links to networks. Security solutions that simply encrypt radio links no longer protect the network of Test Articles or the networks that support them. The use of network telemetry is dramatically expanding and new risks and vulnerabilities are challenging issues for telemetry networks. Most of these vulnerabilities are silent in nature and cannot be detected with simple tools such as traffic monitoring. The Intrusion Detection System (IDS) is a security mechanism suited to telemetry networks that can help detect abnormal behavior in the network. Our previous research in Network Intrusion Detection Systems focused on "Password" attacks and "Syn" attacks. This paper presents a generalized method that can detect both "Password" attack and "Syn" attack. In this paper, a K-means Clustering algorithm is used for vector quantization of network traffic. This reduces the scope of the problem by reducing the entropy of the network data. In addition, a Hidden-Markov Model (HMM) is then employed to help to further characterize and analyze the behavior of the network into states that can be labeled as normal, attack, or anomaly. Our experiments show that IDS can discover and expose telemetry network vulnerabilities using Vector Quantization and the Hidden Markov Model providing a more secure telemetry environment. Our paper shows how these can be generalized into a Network Intrusion system that can be deployed on telemetry networks.
Sonbul, O., M. Byamukama, S. Alzebda, and A. N. Kalashnikov. "Autonomous intrusion detection information system." Thesis, Сумський державний університет, 2012. http://essuir.sumdu.edu.ua/handle/123456789/28777.
Full textAdemi, Muhamet. "Web-Based Intrusion Detection System." Thesis, Malmö högskola, Fakulteten för teknik och samhälle (TS), 2013. http://urn.kb.se/resolve?urn=urn:nbn:se:mau:diva-20271.
Full textSatam, Shalaka Chittaranjan, and Shalaka Chittaranjan Satam. "Bluetooth Anomaly Based Intrusion Detection System." Thesis, The University of Arizona, 2017. http://hdl.handle.net/10150/625890.
Full textPrasad, Praveen. "A dynamically reconfigurable intrusion detection system." NCSU, 2003. http://www.lib.ncsu.edu/theses/available/etd-05202003-181843/.
Full textSong, Jingping. "Feature selection for intrusion detection system." Thesis, Aberystwyth University, 2016. http://hdl.handle.net/2160/3143de58-208f-405e-ab18-abcecfc8f33b.
Full textBarrios, Rita M. "An Adaptive Database Intrusion Detection System." NSUWorks, 2011. http://nsuworks.nova.edu/gscis_etd/86.
Full textMoyers, Benjamin. "Multi-Vector Portable Intrusion Detection System." Thesis, Virginia Tech, 2009. http://hdl.handle.net/10919/34265.
Full textMaster of Science
Le, Anhtuan. "Intrusion Detection System for detecting internal threats in 6LoWPAN." Thesis, Middlesex University, 2017. http://eprints.mdx.ac.uk/21958/.
Full textGade, Vaibhav. "Intrusion Detection System as a Service : Providing intrusion detection system on a subscription basis for cloud deployment." Thesis, Blekinge Tekniska Högskola, Institutionen för kommunikationssystem, 2015. http://urn.kb.se/resolve?urn=urn:nbn:se:bth-10833.
Full textGandre, Amit Prafullachandra. "Implementation of a policy-based intrusion detection system--Generic Intrusion Detection Model (GIDEM version 1.1)." [Gainesville, Fla.] : University of Florida, 2001. http://purl.fcla.edu/fcla/etd/UFE0000317.
Full textTitle from title page of source document. Document formatted into pages; contains vi, 66 p.; also contains graphics. Includes vita. Includes bibliographical references.
Ozbey, Halil. "A Genetic-based Intelligent Intrusion Detection System." Master's thesis, METU, 2005. http://etd.lib.metu.edu.tr/upload/2/12606636/index.pdf.
Full texts behavior in the absence of negative data. First, we design and develop an intelligent and behavior-based detection mechanism using genetic-based machine learning techniques with subsidies in the Bucket Brigade Algorithm. It classifies the possible system states to be normal and abnormal and interprets the abnormal state observations as evidences for the presence of an intrusion. Next we provide another algorithm which focuses on capturing normal behavior of the target system to detect intrusions again by identifying anomalies. A compact and highly complete rule set is generated by continuously inserting observed states as rules into the rule set and combining similar rule pairs in each step. Experiments conducted using the KDD-99 data set have produced fairly good results for both of the algorihtms.
Otto, vor dem gentschen Felde Nils. "Ein föderiertes Intrusion Detection System für Grids." Diss., lmu, 2008. http://nbn-resolving.de/urn:nbn:de:bvb:19-95066.
Full textNguyen, Quang Trung. "Intrusion Detection System for Classifying User Behavior." Thesis, KTH, Skolan för informations- och kommunikationsteknik (ICT), 2010. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-26398.
Full textKarimi, Ahmad Maroof. "Distributed Machine Learning Based Intrusion Detection System." University of Toledo / OhioLINK, 2016. http://rave.ohiolink.edu/etdc/view?acc_num=toledo1470401374.
Full textSalce, Licia <1973>. "Potenzialità e limiti degli Intrusion Detection System." Master's Degree Thesis, Università Ca' Foscari Venezia, 2014. http://hdl.handle.net/10579/4792.
Full textJudd, John David. "Stream splitting in support of intrusion detection." Thesis, Monterey, Calif. : Springfield, Va. : Naval Postgraduate School ; Available from National Technical Information Service, 2003. http://library.nps.navy.mil/uhtbin/hyperion-image/03Jun%5FJudd.pdf.
Full textHansen, Sinclair D. "An intrusion detection system for supervisory control and data acquisition systems." Thesis, Queensland University of Technology, 2008. https://eprints.qut.edu.au/16636/1/Sinclair_Hansen_Thesis.pdf.
Full textHansen, Sinclair D. "An intrusion detection system for supervisory control and data acquisition systems." Queensland University of Technology, 2008. http://eprints.qut.edu.au/16636/.
Full textMoten, Daryl, and Farhad Moazzami. "Telemetry Network Intrusion Detection Test Bed." International Foundation for Telemetering, 2013. http://hdl.handle.net/10150/579527.
Full textThe transition of telemetry from link-based to network-based architectures opens these systems to new security risks. Tools such as intrusion detection systems and vulnerability scanners will be required for emerging telemetry networks. Intrusion detection systems protect networks against attacks that occur once the network boundary has been breached. An intrusion detection model was developed in the Wireless Networking and Security lab at Morgan State University. The model depends on network traffic being filtered into traffic streams. The streams are then reduced to vectors. The current state of the network can be determined using Viterbi analysis of the stream vectors. Viterbi uses the output of the Hidden Markov Model to find the current state of the network. The state information describes the probability of the network being in predefined normal or attack states based on training data. This output can be sent to a network administrator depending on threshold levels. In this project, a penetration-testing tool called Metasploit was used to launch attacks against systems in an isolated test bed. The network traffic generated during an attack was analyzed for use in the MSU intrusion detection model.
Prestberg, Lars. "Automatisk sammanställning av mätbara data : Intrusion detection system." Thesis, Mittuniversitetet, Avdelningen för informations- och kommunikationssystem, 2016. http://urn.kb.se/resolve?urn=urn:nbn:se:miun:diva-28254.
Full textSohal, Amandeep Kaur. "A taxonomy-based approach to intrusion detection system." abstract and full text PDF (free order & download UNR users only), 2007. http://0-gateway.proquest.com.innopac.library.unr.edu/openurl?url_ver=Z39.88-2004&rft_val_fmt=info:ofi/fmt:kev:mtx:dissertation&res_dat=xri:pqdiss&rft_dat=xri:pqdiss:1446428.
Full textAng, Kah Kin. "A multilevel secure constrained intrusion detection system prototype." Thesis, Monterey, California. Naval Postgraduate School, 2010. http://hdl.handle.net/10945/5026.
Full textThe Monterey Security Architecture (MYSEA) provides a distributed multilevel secure (MLS) environment consisting of a MLS local area network (LAN) and multiple single-level networks. The MYSEA server enforces a mandatory access control policy to ensure that users can only access data for which they are authorized. Intrusion detection systems (IDS) placed on a single-level network can store the alerts in the IDS databases at the same classification level as the network being monitored. As most databases do not support the enforcement of mandatory security policies, access to these databases is restricted to singlelevel access only. Thus, administrators are not presented with a coherent view of IDS alerts from all of the connected networks. The objective of this thesis is to design a database proxy to allow administrators to view and analyze IDS information at multiple classification levels while enforcing the systems overall mandatory policy. Based on the derived concept of operations and the requirements, a design for the database proxy that mediates access to databases at different levels was conceived. A prototype database proxy was implemented along with modifications to a web-based analysis tool to allow the viewing and analysis of IDS information at multiple classification levels.
Al-Nashif, Youssif. "MULTI-LEVEL ANOMALY BASED AUTONOMIC INTRUSION DETECTION SYSTEM." Diss., The University of Arizona, 2008. http://hdl.handle.net/10150/195504.
Full textLangin, Chester Louis. "A SOM+ Diagnostic System for Network Intrusion Detection." OpenSIUC, 2011. https://opensiuc.lib.siu.edu/dissertations/389.
Full textBorek, Martin. "Intrusion Detection System for Android : Linux Kernel System Salls Analysis." Thesis, KTH, Skolan för informations- och kommunikationsteknik (ICT), 2017. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-222382.
Full textSmartphones ger tillgång till en uppsjö av privat information som potentiellt kan leda till finansiella och personliga svårigheter. Därför måste de vara väl skyddade. En dynamisk lösning behövs som skyddar Android-telefoner i realtid. Systemanrop har tidigare undersökts som en effektiv metod för dynamisk analys av Android. Emellertid fokuserade dessa tidigare studier på systemanrop i en emulerad sandbox miljö, vilket inte visar lämpligheten av detta tillvägagångssätt för realtidsanalys av själva enheten. Detta arbete fokuserar på analys av Linux kärnan systemanrop på ARMv8 arkitekturen. Givet begränsningarna som existerar i Android-telefoner är det väsentligt att minimera resurserna som krävs för analyserna. Därför fokuserade vi på sekvenseringen av systemanropen. Med detta tillvägagångssätt sökte vi en metod som skulle kunna användas för realtidsdetektering av skadliga program direkt på Android-telefoner. Vi experimenterade dessutom med olika funktionsvektorer för att representera data; histogram, n-gram och co-occurrence matriser. All data hämtades från en riktig Android enhet då de existerande Android emulatorerna visade sig vara olämpliga för att emulera ett system med ARMv8 arkitekturen. Resultaten visar att Linus kärnans sekvensering har tillräckligt med information för att upptäcka skadligt beteende av skadliga applikationer på ARMv8 arkitekturen. Alla funktionsvektorer presterade bra. N-gram och cooccurrence matriserna uppnådde till och med lysande resultat. För att reducera beräkningskomplexiteten av analysen, experimenterade vi med att enbart använda de vanligaste systemanropen. Fast noggrannheten minskade lite, var det värt uppoffringen eftersom beräkningskomplexiteten reducerades märkbart.
Buennemeyer, Timothy Keith. "Battery-Sensing Intrusion Protection System (B-SIPS)." Diss., Virginia Tech, 2008. http://hdl.handle.net/10919/30037.
Full textPh. D.
Karkera, Akhil Narayan. "Design and implementation of a policy-based intrusion detection system generic intrusion detection model for a distributed network /." [Gainesville, Fla.] : University of Florida, 2002. http://purl.fcla.edu/fcla/etd/UFE0000550.
Full textNayeem, Fatima, and M. Vijayakamal. "Policies Based Intrusion Response System for DBMS." IJCSN, 2012. http://hdl.handle.net/10150/271494.
Full textIntrusion detection systems play an important role in detecting online intrusions and provide necessary alerts. Intrusion detection can also be done for relational databases. Intrusion response system for a relational database is essential to protect it from external and internal attacks. We propose a new intrusion response system for relational databases based on the database response policies. We have developed an interactive language that helps database administrators to determine the responses to be provided by the response system based on the malicious requests encountered by relational database. We also maintain a policy database that maintains policies with respect to response system. For searching the suitable policies algorithms are designed and implemented. Matching the right policies and policy administration are the two problems that are addressed in this paper to ensure faster action and prevent any malicious changes to be made to policy objects. Cryptography is also used in the process of protecting the relational database from attacks. The experimental results reveal that the proposed response system is effective and useful.
Fleming, Theodor, and Hjalmar Wilander. "Network Intrusion and Detection : An evaluation of SNORT." Thesis, Linköpings universitet, Institutionen för datavetenskap, 2018. http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-144335.
Full textSchiavo, Sandra Jean. "An intrusion-detection tutoring system using means-ends analysis." Thesis, Monterey, Calif. : Springfield, Va. : Naval Postgraduate School ; Available from National Technical Information Service, 1995. http://handle.dtic.mil/100.2/ADA294283.
Full textHashmi, Adeel. "Hardware Acceleration of Network Intrusion Detection System Using FPGA." Thesis, Manchester Metropolitan University, 2011. http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.526973.
Full textZhang, Huan. "Parallelization of a software based intrusion detection system - Snort." Thesis, University of Canterbury. Electrical and Computer Engineering, 2011. http://hdl.handle.net/10092/5988.
Full textMcDonald, Kevin E. (Kevin Edward) 1978. "A lightweight real-time host-based intrusion detection system." Thesis, Massachusetts Institute of Technology, 2001. http://hdl.handle.net/1721.1/86677.
Full textIncludes bibliographical references (leaves 98-100).
by Kevin E. McDonald.
M.Eng.
Stanley, Fred Philip. "Intrusion detection and response for system and network attacks." [Ames, Iowa : Iowa State University], 2009.
Find full textLiu, Zhen. "A lightweight intrusion detection system for the cluster environment." Master's thesis, Mississippi State : Mississippi State University, 2003. http://sun.library.msstate.edu/ETD-db/theses/available/etd-07102003-152642/unrestricted/ZhenLiu%5Fthesis.pdf.
Full textGanesh, Kandalgaonkar Amol. "Enhancing an intrusion detection system framework using selective feedback." Columbus, Ohio : Ohio State University, 2003. http://rave.ohiolink.edu/etdc/view?acc%5Fnum=osu1162313091.
Full textVigo, Jr John L. "Wireless intrusion detection system." 2004. http://etd-db.uno.edu/theses/available/etd-11242004-142849/.
Full textTitle from electronic submission form. "A thesis ... in partial fulfillment of the requirements for the degree of Master of Science in the Department of Computer Science."--Thesis t.p. Vita. Includes bibliographical references.
Tsai, Kuo-Shou, and 蔡國手. "An Embedded Intrusion Detection System." Thesis, 2000. http://ndltd.ncl.edu.tw/handle/40544653703402308739.
Full text國立交通大學
資訊管理所
88
An Intrusion Detection System (IDS) is used to protect data from being misused or unauthorized accessed. It monitors the system activities to find whether they contain any predefined attack signature. But the weakness of all common IDSs is the security problem of the IDS themselves. An IDS may be the first target of experienced attackers. An Embedded Intrusion Detection System trys to avoid the problem by hiding itself in a protected host. The idea is intuitive and simple, if we want to use IDS to protect a web server, we put together the IDS and the web server. We use HTTP to talk to the IDS, and normal web visitor uses HTTP to access what he want. The IDS is “ Embedded” within the web server. It is not easy for attackers to find the IDS such that the IDS should be more secure.
Wang, Po-Wei, and 王博瑋. "NetFlow Based Intrusion Detection System." Thesis, 2004. http://ndltd.ncl.edu.tw/handle/82779373654190533992.
Full text大同大學
資訊工程學系(所)
92
Due to the popularity of Internet, people can access remote resource on the Internet conveniently. But numerous malicious network events such as computer virus and hacker attack make the network management more difficult. A network intrusion detection system is thus more and more demanding. In this thesis, a NetFlow based anomaly intrusion detection system is presented. In addition, guidelines to properly configure and setup network device to minimize the possibilities that network attacks come from inside are also proposed. As the Internet becomes the platform of daily activities, the threat of network attack is also become more serious. Firewall along is not capable to protect the system from being attacked through normal service channel. Furthermore, most of the current intrusion detection system focus on the border of organization network which does not provide protection to hosts in the local network and the network itself if the attack is from inside. Therefore, in addition to the firewall and border IDS, we need to use other type of intrusion detection system to protect the critical system as well as the network itself.We propose an inexpensive and easy to implement way to perform the anomaly type intrusion detection based on the NetFlow information exported from the routers or other network probes. Our system can detect several types of network attack from inside or outside and perform counter maneuver accordingly.
KUMAR, VIJAY. "AN EFFICIENT INTRUSION DETECTION SYSTEM." Thesis, 2011. http://dspace.dtu.ac.in:8080/jspui/handle/repository/13830.
Full textNetwork security has become a critical issue due to increase of traffic on the internet. Traffic on the internet has also increased the attack types. Intrusion detection has become one of the major tasks. It faces a number of challenges; an intrusion detection system must reliably detect malicious activities in a network and must perform efficiently to cope with the large amount of network traffic. In this thesis we are trying to analyze various techniques for intrusion detection on the bases of efficiency, accuracy and robustness. It has been seen that various anomaly based approaches face the problem of a large number of false alarms which may cause the network administrator to ignore them completely. We have implemented two of the latest hybrid approaches Layered approach using conditional random fields and Fuzzy clustering with artificial neural networks (FCANN). We observed that FCANN provide better results.
Lauf, Adrian Peter. "HybrIDS embeddable hybrid intrusion detection system /." Diss., 2007. http://etd.library.vanderbilt.edu/ETD-db/available/etd-12062007-095827/.
Full textTSU-WEI, CHANG, and 張祖瑋. "Multi-Agent based Intrusion Detection System." Thesis, 2009. http://ndltd.ncl.edu.tw/handle/31974123819869911059.
Full text開南大學
資訊管理學系
97
As the rapid development and pervasion of the Internet, network attacks are happened more frequently in these days. Network security becomes more important, while the firewall deployment is the first defense line for the information security. However, as the risks of network security get higher, firewalls can no longer satisfy the needs of network security. As a result, the intrusion detection system (IDS) becomes another important security mechanism. High false positive rate is one of the major issues for IDSs. An agent-based intrusion detection system is designed by combining current IDS technologies with multi-agent systems. This anomaly detection method adopts self-organizing maps exclusively to learn the characteristics of normal behaviors. As long as some network behavior is deviated from normal one, this Multi-Agent based Intrusion Detection System (MAIDS) can detect it with low false positive rate.
Lee, Yen-Chin, and 李彥青. "Intrusion Detection System with Temporal Relationships." Thesis, 2008. http://ndltd.ncl.edu.tw/handle/35569911356322760536.
Full text國立臺灣科技大學
資訊工程系
96
In society nowadays, the use of Internet becomes more prevalent. However, as the Internet developed, it also has a growing number of potential risks. We need some mechanisms to help us protecting our systems from these risks. An Intrusion Detection System (IDS) is generally used to detect anomalous behaviors and give system administrators alarms if it detects suspicious behaviors. We design an intrusion detection system by considering temporal relationships among them, and then use semi-supervised learning with EM algorithm to update our model. To consider temporal relationships among data, we use a Hidden Markov Model (HMM). To deal with high dimensional data, so we combine HMM with Naive Bayes. Also, to consider temporal interaction of order higher than one, we adopt high-order Markov model and the detection result shows us better performance than the result from one-order Markov model. On the other hand, we use the result of support vector machine with temporal consideration to compare with our experiment result. By the results, we can observe that the temporal relationships can really help us to achieve higher detection accuracy. Finally, as an adaptive version of our model, we use semi-supervised learning with EM algorithm to tune our parameters. By this way, we can train a model which can fit to the real environment with adaptive manner.
Rabie, Mohammad A. "Attack visualization for intrusion detection system." Thesis, 2002. http://library1.njit.edu/etd/fromwebvoyage.cfm?id=njit-etd2002-092.
Full textDass, Mayukh. "LIDS a Learning Intrusion Detection System /." 2003. http://purl.galileo.usg.edu/uga%5Fetd/dass%5Fmayukh%5F200308%5Fms.
Full textDirected by Walter D. Potter. Includes articles published in The proceedings of the 16th International Flairs Conference, The proceedings of the 6th International Conference on Industrial & Engineering Applications of Artificial Intelligence & Expert Systems, and The digital proceedings of the 41st ACM Southeast Conference, and an article submitted to Network Security Conference. Includes bibliographical references.
Sachdev, M. "Wireless intrusion detection system using fingerprinting." Thesis, 2014. http://ethesis.nitrkl.ac.in/5636/1/E-69.pdf.
Full textR, UNNI. "PC Based Ultrasonic Intrusion Detection System." Thesis, 2018. http://ethesis.nitrkl.ac.in/9945/1/2018_MT_216EC3221_RUnni_PC.pdf.
Full textChen, Sout-Fong, and 陳少鋒. "Building Intrusion Pattern Miner for Snort Network Intrusion Detection System." Thesis, 2003. http://ndltd.ncl.edu.tw/handle/01429644317481328466.
Full text國立雲林科技大學
電子與資訊工程研究所碩士班
91
Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. However, Snort cannot generate intrusion pattern automatically. It means that experts must first analyze and categorize attack packets, and hand-code the corresponding patterns and rules for misuse detection. After that, system administrators configure Snort detection rules manually to the network intrusion detection system. This results in Snort having limited extensibility and adaptability. In this paper, we propose a framework for Snort to make it have the ability of not only catching new attack patterns automatically, but also detecting sequential attack behaviors. To do that, we first build an Intrusion Pattern Discovery Module to find single intrusion patterns and sequential intrusion patterns from a collection of attack packets in off-line training. The module applies data mining technique to extract descriptive attack signatures from large stores of packets, and then it converts the signatures to Snort detection rules for on-line detection. In order to detect sequential intrusion behavior, the Snort detection engine is accompanied with our Instruction Behavior Detection Engine. When a series of incoming packets match the signatures representing sequential intrusion scenarios, Instruction Behavior Detection Engine will make an alert. In summary, we enhance the functionality of Snort by adding the Intrusion Pattern Discovery Module and Instruction Behavior Detection Engine to the original Snort system. That not only makes Snort to mine instruction patterns automatically, but also extends the detecting ability of Snort. Furthermore, it improves the false negative rate and false positive rate for Snort misuse detection.