Academic literature on the topic 'Network security intrusion detection'

Consult the lists of relevant articles, books, theses, conference reports, and other scholarly sources on the topic 'Network security intrusion detection.'

Journal articles on the topic "Network security intrusion detection"

1

Patidar, Sadhana, Priyanka Parihar, and Chetan Agrawal. "A Review of Intrusion Detection Datasets and Techniques." SMART MOVES JOURNAL IJOSCIENCE 6, no. 3 (March 10, 2020): 14–22. http://dx.doi.org/10.24113/ijoscience.v6i3.277.

Abstract:
As network applications grow rapidly, network security mechanisms require more attention to improve speed and accuracy. The evolving nature of new types of intrusion poses a serious threat to network security: although many network security tools have been developed, the rapid growth of intrusive activities is still a serious problem. Intrusion detection systems (IDS) are used to detect intrusive network activity. Preventing and detecting unauthorized access to any computer is a concern of computer security. Hence computer security provides a measure of the level associated with prevention and detection, which facilitates avoiding suspicious users. Deep learning has been widely used in recent years to improve intrusion detection in networks. These techniques allow the automatic detection of network traffic anomalies. This paper presents a literature review on intrusion detection techniques.
2

Javidi, Mohammad Masoud. "Game Theory Approaches in Taxonomy of Intrusion Detection for MANETs." Computer Engineering and Applications Journal 4, no. 1 (February 18, 2015): 31–42. http://dx.doi.org/10.18495/comengapp.v4i1.111.

Abstract:
MANETs are self-configuring networks that are formed by a set of wireless mobile nodes and have no fixed network infrastructure or administrative support. Since the transmission range of wireless network interfaces is limited, forwarding hosts may be needed. Each node in a wireless ad hoc network functions as both a host and a router. Due to their communication type and resource constraints, MANETs are vulnerable to diverse types of attacks and intrusions, so security is a critical issue. Network security is usually provided in three phases: intrusion prevention, intrusion detection and intrusion tolerance. However, the network security problem is far from completely solved. Researchers have been exploring the applicability of game theory approaches to address network security issues. This paper reviews some existing game theory solutions which are designed to enhance network security in the intrusion detection phase. Keywords: Mobile Ad hoc Network (MANET), Intrusion detection system (IDS), Cluster head, host based, Game theory.
3

Liu, Gui Guo. "Intrusion Detection Systems." Applied Mechanics and Materials 596 (July 2014): 852–55. http://dx.doi.org/10.4028/www.scientific.net/amm.596.852.

Abstract:
In the era of the information society, network security has become a very important issue. Intrusion is a behavior that tries to destroy the confidentiality, data integrity, and data availability of network information. Intrusion detection systems are constructed as software that automatically detects possible intrusions. In this paper, we present the existing intrusion detection techniques in detail, including intrusion detection types, firewalls, etc.
4

Kaur, Harpreet. "NETWORK INTRUSION DETECTION AND PREVENTION ATTACKS." INTERNATIONAL JOURNAL OF COMPUTERS & TECHNOLOGY 2, no. 3 (June 30, 2012): 21–23. http://dx.doi.org/10.24297/ijct.v2i3a.2669.

Abstract:
Intrusion detection is an important technology in the business sector as well as an active area of research. It is an important tool for information security. A Network Intrusion Detection System is used to monitor networks for attacks or intrusions and report these intrusions to the administrator in order to take evasive action. Today computers are part of networked, distributed systems that may span multiple buildings, sometimes located thousands of miles apart. The network of such a system is a pathway for communication between the computers in the distributed system. The network is also a pathway for intrusion. This system is designed to detect and combat some common attacks on network systems. It follows the signature-based IDS methodology for ascertaining attacks. A signature-based IDS will monitor packets on the network and compare them against a database of signatures or attributes from known malicious threats. In this system the attack log displays the list of attacks to the administrator for evasive action. This system works as an alert device in the event of attacks directed towards an entire network.
5

Reshmi, B. M., S. S. Manvi, and Bhagyavati. "An Agent Based Intrusion Detection Model for Mobile Ad Hoc Networks." Mobile Information Systems 2, no. 4 (2006): 169–91. http://dx.doi.org/10.1155/2006/921047.

Abstract:
Intrusion detection has, over the last few years, assumed paramount importance within the broad realm of network security, more so in the case of wireless mobile ad hoc networks. The inherently vulnerable characteristics of wireless mobile ad hoc networks make them susceptible to attacks in spite of some security measures, and it may be too late before any counter action can take effect. As such, there is a need to complement traditional security mechanisms with efficient intrusion detection and response systems. This paper proposes an agent-based model to address the aspect of intrusion detection in a cluster-based mobile wireless ad hoc network environment. The model comprises a set of static and mobile agents, which are used to detect intrusions, respond to intrusions, and distribute selected and aggregated intrusion information to all other nodes in the network in an intelligent manner. The model is simulated to test its operation effectiveness by considering performance parameters such as detection rate, false positives, agent overheads, and intrusion information distribution time. The agent-based approach facilitates flexible and adaptable security services. Also, it supports component-based software engineering components such as maintainability, reachability, reusability, adaptability, flexibility, and customization.
6

Aranganathan, A., and C. D. Suriyakala. "Agent based secure intrusion detection and prevention for rushing attacks in clustering MANETs." International Journal of Engineering & Technology 7, no. 2.20 (April 18, 2018): 22. http://dx.doi.org/10.14419/ijet.v7i2.20.11736.

Abstract:
Intrusion detection is one of the challenging issues in wireless networks. The inherently vulnerable characteristics of wireless mobile ad hoc networks make them susceptible to attacks in spite of some security measures, and it may be too late before any counter action can take effect. As such, there is a need to complement security mechanisms with efficient intrusion detection and response systems. This paper proposes an agent-based model to address the aspect of intrusion detection in a cluster-based mobile ad hoc network environment. The model comprises mobile agents, which are used to detect intrusions, respond to intrusions, mainly preventing the routing attacks while securing them and distributing selected and aggregated intrusion information to all other nodes in the network in an intelligent manner to compensate the attack. The model is simulated to test its operation effectiveness by considering various performance parameters such as packet delivery ratio, communication overhead, and throughput. It implements a secure detection and prevention technique that contains the Blowfish algorithm, which is a symmetric encryption and decryption algorithm having a secure standard till date against attacks, to make the network transmission secure while monitoring malicious nodes and preventing them from compromising the integrity of the network. The agent-based approach facilitates flexible and adaptable security services. Also, it supports component-based software engineering components such as maintainability, reachability, reusability, adaptability, and flexibility.
7

Erlansari, Aan, Funny Farady Coastera, and Afief Husamudin. "Early Intrusion Detection System (IDS) using Snort and Telegram approach." SISFORMA 7, no. 1 (June 10, 2020): 21. http://dx.doi.org/10.24167/sisforma.v7i1.2629.

Abstract:
Computer network security is an important factor that must be considered. Guaranteed security can avoid losses caused by attacks on the network security system. The most common prevention against network attacks is to place an administrator, but problems will arise when the administrator is not supervising the network, so to overcome these problems a system called IDS (Intrusion Detection System) can detect suspicious activity on the network by automating the work functions of an administrator. Snort is one of the software packages that functions to find out the intrusion. Data packets that pass through network traffic will be analyzed. Data packets detected as intrusion will trigger alerts which are then stored in log files. Thus, administrators can find out intrusions that occur on computer networks, and the existence of instant messaging applications can help administrators to get real-time notifications, one of which is using the Telegram application. The results of this study are that Snort is able to detect intrusion of attacks on computer networks and the system can send alerts from Snort to administrators via a Telegram bot in real time.
8

Mahfouz, Ahmed, Abdullah Abuhussein, Deepak Venugopal, and Sajjan Shiva. "Ensemble Classifiers for Network Intrusion Detection Using a Novel Network Attack Dataset." Future Internet 12, no. 11 (October 26, 2020): 180. http://dx.doi.org/10.3390/fi12110180.

Abstract:
Due to the extensive use of computer networks, new risks have arisen, and improving the speed and accuracy of security mechanisms has become a critical need. Although new security tools have been developed, the fast growth of malicious activities continues to be a pressing issue that creates severe threats to network security. Classical security tools such as firewalls are used as a first-line defense against security problems. However, firewalls do not entirely or perfectly eliminate intrusions. Thus, network administrators rely heavily on intrusion detection systems (IDSs) to detect such network intrusion activities. Machine learning (ML) is a practical approach to intrusion detection that, based on data, learns how to differentiate between abnormal and regular traffic. This paper provides a comprehensive analysis of some existing ML classifiers for identifying intrusions in network traffic. It also produces a new reliable dataset called GTCS (Game Theory and Cyber Security) that matches real-world criteria and can be used to assess the performance of the ML classifiers in a detailed experimental evaluation. Finally, the paper proposes an ensemble and adaptive classifier model composed of multiple classifiers with different learning paradigms to address the issue of the accuracy and false alarm rate in IDSs. Our classifiers show high precision and recall rates and use a comprehensive set of features compared to previous work.
9

Chueh, Hao-En, Shun-Chuan Ho, Shih-Peng Chang, and Ping-Yu Hsu. "Online Intrusion Behaviors: Sequences and Time Intervals." Social Behavior and Personality: an international journal 38, no. 10 (November 1, 2010): 1307–12. http://dx.doi.org/10.2224/sbp.2010.38.10.1307.

Abstract:
In this study we model the sequences and time intervals of online intrusion behaviors. To maintain network security, intrusion detection systems monitor network environments; however, most existing intrusion detection systems produce too many intrusion alerts, causing network managers to investigate many potential intrusions individually to determine their validity. To solve this problem, we combined a clustering analysis of the time intervals of online users' behaviors with a sequential pattern analysis to identify genuine intrusion behaviors. Knowledge of the patterns generated by intruder behaviors can help network managers maintain network security.
10

Einy, Sajad, Cemil Oz, and Yahya Dorostkar Navaei. "The Anomaly- and Signature-Based IDS for Network Security Using Hybrid Inference Systems." Mathematical Problems in Engineering 2021 (March 12, 2021): 1–10. http://dx.doi.org/10.1155/2021/6639714.

Abstract:
With the expansion of communication in today’s world and the possibility of creating interactions between people through communication networks regardless of the distance dimension, the issue of creating security for the data and information exchanged has received much attention from researchers. Various methods have been proposed for this purpose; one of the most important methods is intrusion detection systems to quickly detect intrusions into the network and inform the manager or responsible people to carry out an operational set to reduce the amount of damage caused by these intruders. The main challenge of the proposed intrusion detection systems is the number of erroneous warning messages generated and the low percentage of accurate detection of intrusions in them. In this research, the Suricata IDS/IPS is deployed along with the NN model for the metaheuristic’s manual detection of malicious traffic in the targeted network. For the metaheuristic-based feature selection, the neural network, and the anomaly-based detection, the fuzzy logic is used in this research paper. The latest stable version of Kali Linux 2020.3 is used as an attacking system for web applications and different types of operating systems. The proposed method has achieved 96.111% accuracy for detecting network intrusion.

Dissertations / Theses on the topic "Network security intrusion detection"

1

Maharjan, Nadim, and Paria Moazzemi. "Telemetry Network Intrusion Detection System." International Foundation for Telemetering, 2012. http://hdl.handle.net/10150/581632.

Abstract:
ITC/USA 2012 Conference Proceedings / The Forty-Eighth Annual International Telemetering Conference and Technical Exhibition / October 22-25, 2012 / Town and Country Resort & Convention Center, San Diego, California
Telemetry systems are migrating from links to networks. Security solutions that simply encrypt radio links no longer protect the network of Test Articles or the networks that support them. The use of network telemetry is dramatically expanding and new risks and vulnerabilities are challenging issues for telemetry networks. Most of these vulnerabilities are silent in nature and cannot be detected with simple tools such as traffic monitoring. The Intrusion Detection System (IDS) is a security mechanism suited to telemetry networks that can help detect abnormal behavior in the network. Our previous research in Network Intrusion Detection Systems focused on "Password" attacks and "Syn" attacks. This paper presents a generalized method that can detect both "Password" attack and "Syn" attack. In this paper, a K-means Clustering algorithm is used for vector quantization of network traffic. This reduces the scope of the problem by reducing the entropy of the network data. In addition, a Hidden-Markov Model (HMM) is then employed to help to further characterize and analyze the behavior of the network into states that can be labeled as normal, attack, or anomaly. Our experiments show that IDS can discover and expose telemetry network vulnerabilities using Vector Quantization and the Hidden Markov Model providing a more secure telemetry environment. Our paper shows how these can be generalized into a Network Intrusion system that can be deployed on telemetry networks.
2

Abdullah, Kulsoom B. "Scaling and Visualizing Network Data to Facilitate in Intrusion Detection Tasks." Diss., Georgia Institute of Technology, 2006. http://hdl.handle.net/1853/10509.

Abstract:
As the trend of successful network attacks continues to rise, better forms of intrusion detection and prevention are needed. This thesis addresses network traffic visualization techniques that aid administrators in recognizing attacks. A view of port statistics and Intrusion Detection System (IDS) alerts has been developed. Each helps to address issues with analyzing large datasets involving networks. Due to the amount of traffic as well as the range of possible port numbers and IP addresses, scaling techniques are necessary. A port-based overview of network activity produces an improved representation for detecting and responding to malicious activity. We have found that presenting an overview using stacked histograms of aggregate port activity, combined with the ability to drill down for finer details, allows small, yet important details to be noticed and investigated without being obscured by large, usual traffic. Another problem administrators face is the cumbersome amount of alarm data generated from IDS sensors. As a result, important details are often overlooked, and it is difficult to get an overall picture of what is occurring in the network by manually traversing textual alarm logs. We have designed a novel visualization to address this problem by showing alarm activity within a network. Alarm data is presented in an overview from which system administrators can get a general sense of network activity and easily detect anomalies. They additionally have the option of then zooming and drilling down for details. Based on our system administrator requirements study, this graphical layout addresses what system administrators need to see, is faster and easier than analyzing text logs, and uses visualization techniques to effectively scale and display the data. With this design, we have built a tool that effectively uses operational alarm log data generated on the Georgia Tech campus network.
For both of these systems, we describe the input data, the system design, and examples. Finally, we summarize potential future work.
3

Yang, Yi. "Intrusion detection for communication network security in power systems." Thesis, Queen's University Belfast, 2013. http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.603572.

Abstract:
In response to the emergence of cybersecurity issues in smarter grids, a number of IT security approaches have been presented. However, in practice, power networks with legacy systems are more difficult to update, patch and protect using conventional IT security techniques. This research presents a contribution to cybersecurity using Intrusion Detection Systems (IDS) in power systems. An intrusion detection methodology provides an approach to identify evidence of abnormal communication behaviours in a passive mode that does not impact normal operation of power systems but provides pre-emptive knowledge of potential threats and incidents. This thesis proposes and develops new intrusion detection approaches for Smart Grid cybersecurity that are applied in Supervisory Control and Data Acquisition (SCADA) and synchrophasor systems in order to monitor the operation of such systems and detect cyber threats against these systems resulting from malicious attacks or misuse by legitimate users. One of the proposed intrusion detection approaches combines whitelist categorisation with behaviour-based detection methods to identify known and unknown attacks by considering the operational features and the communication protocols of SCADA and synchrophasor systems. Furthermore, SCADA-specific and synchrophasor-specific cybersecurity solutions are presented using test-beds to investigate, simulate and exemplify the impacts of cyber attacks on SCADA and synchrophasor systems. The proposed SCADA-specific IDS (SCADA-IDS) and Synchrophasor-Specific IDS (SSIDS) are implemented and verified using two test-beds. In addition, a hybrid IDS is proposed for SCADA networks using the IEC 60870-5-104 protocol, which contains signature-based, model-based and stateful detection methods. The proposed hybrid IDS is implemented and validated using the Internet Traffic and Content Analysis (ITACA) platform and the open source Snort tool.
These new detection tools proposed in this thesis allow the cybersecurity of significant power systems communications networks to be improved, thus contributing to the security and reliability of the Smart Grid as a whole.
4

Balupari, Ravindra. "Real-time network-based anomaly intrusion detection." Ohio : Ohio University, 2002. http://www.ohiolink.edu/etd/view.cgi?ohiou1174579398.

5

Ademi, Muhamet. "Web-Based Intrusion Detection System." Thesis, Malmö högskola, Fakulteten för teknik och samhälle (TS), 2013. http://urn.kb.se/resolve?urn=urn:nbn:se:mau:diva-20271.

Abstract:
Web applications are growing rapidly and as the amount of web sites globally increases so do security threats. Complex applications often interact with third party services and databases to fetch information and often interactions require user input. Intruders are targeting web applications specifically and they are a huge security threat to organizations and a way to combat this is to have intrusion detection systems. Most common web attack methods are well researched and documented; however, due to time constraints developers often write applications fast and may not implement the best security practices. This report describes one way to implement an intrusion detection system that specifically detects web based attacks.
6

Park, Yongro. "A statistical process control approach for network intrusion detection." Diss., Georgia Institute of Technology, 2005. http://hdl.handle.net/1853/6835.

Abstract:
Intrusion detection systems (IDS) have a vital role in protecting computer networks and information systems. In this thesis we applied an SPC monitoring concept to a certain type of traffic data in order to detect a network intrusion. We developed a general SPC intrusion detection approach and described it and the source and the preparation of data used in this thesis. We extracted sample data sets that represent various situations, calculated event intensities for each situation, and stored these sample data sets in the data repository for use in future research. A regular batch mean chart was used to remove the sample data's inherent 60-second cycles. However, this proved too slow in detecting a signal because the regular batch mean chart only monitored the statistic at the end of the batch. To gain faster results, a modified batch mean (MBM) chart was developed that met this goal. Subsequently, we developed the Modified Batch Mean Shewhart chart, the Modified Batch Mean Cusum chart, and the Modified Batch Mean EWMA chart and analyzed the performances of each one on simulated data. The simulation studies showed that the MBM charts perform especially well with large signals, the type of signal typically associated with a DOS intrusion. The MBM Charts can be applied two ways: by using actual control limits or by using robust control limits. The actual control limits must be determined by simulation, but the robust control limits require nothing more than the use of the recommended limits. The robust MBM Shewhart chart was developed based on choosing appropriate values based on batch size. The robust MBM Cusum chart and robust MBM EWMA chart were developed on choosing appropriate values of charting parameters.
7

Stefanova, Zheni Svetoslavova. "Machine Learning Methods for Network Intrusion Detection and Intrusion Prevention Systems." Scholar Commons, 2018. https://scholarcommons.usf.edu/etd/7367.

Abstract:
Given the continuing advancement of networking applications and our increased dependence upon software-based systems, there is a pressing need to develop improved security techniques for defending modern information technology (IT) systems from malicious cyber-attacks. Indeed, anyone can be impacted by such activities, including individuals, corporations, and governments. Furthermore, the sustained expansion of the network user base and its associated set of applications is also introducing additional vulnerabilities which can lead to criminal breaches and loss of critical data. As a result, the broader cybersecurity problem area has emerged as a significant concern, with many solution strategies being proposed for both intrusion detection and prevention. Now in general, the cybersecurity dilemma can be treated as a conflict-resolution setup entailing a security system and minimum of two decision agents with competing goals (e.g., the attacker and the defender). Namely, on the one hand, the defender is focused on guaranteeing that the system operates at or above an adequate (specified) level. Conversely, the attacker is focused on trying to interrupt or corrupt the system’s operation. In light of the above, this dissertation introduces novel methodologies to build appropriate strategies for system administrators (defenders). In particular, detailed mathematical models of security systems are developed to analyze overall performance and predict the likely behavior of the key decision makers influencing the protection structure. The initial objective here is to create a reliable intrusion detection mechanism to help identify malicious attacks at a very early stage, i.e., in order to minimize potentially critical consequences and damage to system privacy and stability. Furthermore, another key objective is also to develop effective intrusion prevention (response) mechanisms. 
Along these lines, a machine learning based solution framework is developed consisting of two modules. Specifically, the first module prepares the system for analysis and detects whether or not there is a cyber-attack. Meanwhile, the second module analyzes the type of the breach and formulates an adequate response. Namely, a decision agent is used in the latter module to investigate the environment and make appropriate decisions in the case of uncertainty. This agent starts by conducting its analysis in a completely unknown milieu but continually learns to adjust its decision making based upon the provided feedback. The overall system is designed to operate in an automated manner without any intervention from administrators or other cybersecurity personnel. Human input is essentially only required to modify some key model (system) parameters and settings. Overall, the framework developed in this dissertation provides a solid foundation from which to develop improved threat detection and protection mechanisms for static setups, with further extensibility for handling streaming data.
8

Huang, Yi-an. "Intrusion Detection and Response Systems for Mobile Ad Hoc Networks." Diss., Georgia Institute of Technology, 2006. http://hdl.handle.net/1853/14053.

Abstract:
A mobile ad hoc network (MANET) consists of a group of autonomous mobile nodes with no infrastructure support. In this research, we develop a distributed intrusion detection and response system for MANET, and we believe it presents a second line of defense that cannot be replaced by prevention schemes. We based our detection framework on the study of attack taxonomy. We then propose a set of detection methods suitable for detecting different attack categories. Our approaches are based on protocol specification analysis with categorical and statistical measures. Node-based approaches may be too restrictive in scenarios where attack patterns cannot be observed by any isolated node. Therefore, we have developed cooperative detection approaches for a more effective detection model. One approach is to form IDS clusters by grouping nearby nodes, and information can be exchanged within clusters. The cluster-based scheme is more efficient in terms of power consumption and resource utilization; it is also proved resilient against common security compromises without changing the decentralized assumption. We further address two response techniques, traceback and filtering. Existing traceback systems are not suitable for MANET because they rely on incompatible assumptions such as trustworthy routers and static route topology. Our solution, instead, adapts to dynamic topology with no infrastructure requirement. Our solution is also resilient in the face of an arbitrary number of collaborative adversaries. We also develop smart filtering schemes to maximize the dropping rate of attack packets while minimizing the dropping rate of normal packets with real-time guarantee. To validate our research, we present a case study using both ns-2 simulation and the MobiEmu emulation platform with three ad hoc routing protocols: AODV, DSR and OLSR. We implemented various representative attacks based on the attack taxonomy.
Our experiments show very promising results using node-based and cluster-based approaches.
9

Pikoulas, John. "An agent-based Bayesian method for network intrusion detection." Thesis, Edinburgh Napier University, 2003. http://researchrepository.napier.ac.uk/Output/4057.

Abstract:
Security is one of the major issues in any network and on the Internet. It encapsulates many different areas, such as protecting individual users against intruders, protecting corporate systems against damage, and protecting data from intrusion. It is obviously impossible to make a network totally secure, as there are so many areas that must be protected. This thesis includes an evaluation of current techniques for internal misuse of computer systems, and tries to propose a new way of dealing with this problem. This thesis proposes that it is impossible to fully protect a computer network from intrusion, and shows how different methods are applied at differing levels of the OSI model. Most systems are now protected at the network and transport layer, with systems such as firewalls and secure sockets. A weakness, though, exists in the session layer that is responsible for user logon and their associated password. It is thus important for any highly secure system to be able to continually monitor a user, even after they have successfully logged into the system. This is because once an intruder has successfully logged into a system, they can use it as a stepping-stone to gain full access (often right up to the system administrator level). This type of login identifies another weakness of current intrusion detection systems, in that they are mainly focused on detecting external intrusion, whereas a great deal of research identifies that one of the main problems is from internal intruders, and from staff within an organisation. Fraudulent activities can often be identified by changes in user behaviour. While this type of behaviour monitoring might not be suited to most networks, it could be applied to high secure installations, such as in government, and military organisations. Computer networks are now one of the most rapidly changing and vulnerable systems, where security is now a major issue.
A dynamic approach, with the capacity to deal with and adapt to abrupt changes, and be simple, will provide an effective modelling toolkit. Analysts must be able to understand how it works and be able to apply it without the aid of an expert. Such models do exist in the statistical world, and it is the purpose of this thesis to introduce them and to explain their basic notions and structure. One weakness identified is the centralisation and complex implementation of intrusion detection. The thesis proposes an agent-based approach to monitor the user behaviour of each user. It also proposes that many intrusion detection systems cannot cope with new types of intrusion. It thus applies Bayesian statistics to evaluate user behaviour, and predict the future behaviour of the user. The model developed is a unique application of Bayesian statistics, and the results show that it can improve future behaviour prediction than existing ARIMA models. The thesis argues that the accuracy of long-term forecasting questionable, especially in systems that have a rapid and often unexpected evolution and behaviour. Many of the existing models for prediction use long-term forecasting, which may not be the optimal type for intrusion detection systems. The experiments conducted have varied the number of users and the time interval used for monitoring user behaviour. These results have been compared with ARIMA, and an increased accuracy has been observed. The thesis also shows that the new model can better predict changes in user behaviour, which is a key factor in identifying intrusion detection. The thesis concludes with recommendations for future work, including how the statistical model could be improved. This includes research into changing the specification of the design vector for Bayesian. 
Another interesting area is the integration of standard agent communication agents, which will make the security agents more social in their approach and be able to gather information from other agents
10

Haas, Steffen [author]. "Security Monitoring and Alert Correlation for Network Intrusion Detection / Steffen Haas." Hamburg : Staats- und Universitätsbibliothek Hamburg Carl von Ossietzky, 2020. http://d-nb.info/123199780X/34.


Books on the topic "Network security intrusion detection"

1

Judy, Novak, ed. Network intrusion detection. 3rd ed. Indianapolis, Ind: New Riders Pub., 2002.

2

Escamilla, Terry. Intrusion detection: Network security beyond the firewall. New York: John Wiley, 1998.

3

Intrusion detection. Indianapolis, IN: Macmillan Technical Publishing, 2000.

4

Network intrusion detection: An analyst's handbook. Indianapolis, Ind: New Riders, 1999.

5

Judy, Novak, and McLachlan Donald, eds. Network intrusion detection: An analyst's handbook. 2nd ed. Indianapolis, Ind: New Riders, 2001.

6

Roberto, Di Pietro, and SpringerLink (Online service), eds. Intrusion Detection Systems. Boston, MA: Springer-Verlag US, 2008.

7

Manu, Zacharia, ed. Network intrusion alert: An ethical hacking guide to intrusion detection. Boston, MA: Thomson Course Technology PTR, 2008.

8

1980-, Lu Wei, and Tavallaee Mahbod, eds. Network intrusion detection and prevention: Concepts and techniques. New York: Springer, 2010.

9

Intrusion detection with Snort. Indianapolis, Ind: Sams, 2003.

10

C, Foster James, ed. Snort 2.0 intrusion detection. Rockland, Mass: Syngress, 2003.


Book chapters on the topic "Network security intrusion detection"

1

Perez, André. "Intrusion Detection." In Network Security, 237–51. Hoboken, NJ, USA: John Wiley & Sons, Inc., 2014. http://dx.doi.org/10.1002/9781119043942.ch10.

2

Edge, Charles, William Barker, Beau Hunter, and Gene Sullivan. "Network Scanning, Intrusion Detection, and Intrusion Prevention Tools." In Enterprise Mac Security, 485–504. Berkeley, CA: Apress, 2010. http://dx.doi.org/10.1007/978-1-4302-2731-1_17.

3

Edge, Charles, and Daniel O’Donnell. "Network Scanning, Intrusion Detection, and Intrusion Prevention Tools." In Enterprise Mac Security, 441–57. Berkeley, CA: Apress, 2016. http://dx.doi.org/10.1007/978-1-4842-1712-2_17.

4

Kizza, Joseph Migga. "System Intrusion Detection and Prevention." In Guide to Computer Network Security, 273–98. London: Springer London, 2015. http://dx.doi.org/10.1007/978-1-4471-6654-2_13.

5

Kizza, Joseph Migga. "System Intrusion Detection and Prevention." In Guide to Computer Network Security, 275–301. Cham: Springer International Publishing, 2017. http://dx.doi.org/10.1007/978-3-319-55606-2_13.

6

Kizza, Joseph Migga. "System Intrusion Detection and Prevention." In Guide to Computer Network Security, 271–95. London: Springer London, 2012. http://dx.doi.org/10.1007/978-1-4471-4543-1_13.

7

Dagorn, Nathalie. "Cooperative Intrusion Detection for Web Applications." In Cryptology and Network Security, 286–302. Berlin, Heidelberg: Springer Berlin Heidelberg, 2006. http://dx.doi.org/10.1007/11935070_20.

8

van Oorschot, Paul C. "Intrusion Detection and Network-Based Attacks." In Information Security and Cryptography, 309–38. Cham: Springer International Publishing, 2020. http://dx.doi.org/10.1007/978-3-030-33649-3_11.

9

Li, Tao, Xiaojie Liu, and Hongbin Li. "A New Model for Dynamic Intrusion Detection." In Cryptology and Network Security, 72–84. Berlin, Heidelberg: Springer Berlin Heidelberg, 2005. http://dx.doi.org/10.1007/11599371_7.

10

Rosenberg, Ishai, and Ehud Gudes. "Evading System-Calls Based Intrusion Detection Systems." In Network and System Security, 200–216. Cham: Springer International Publishing, 2016. http://dx.doi.org/10.1007/978-3-319-46298-1_14.


Conference papers on the topic "Network security intrusion detection"

1

Silva Neto, Manuel Gonçalves da, and Danielo G. Gomes. "Network Intrusion Detection Systems Design: A Machine Learning Approach." In XXXVII Simpósio Brasileiro de Redes de Computadores e Sistemas Distribuídos. Sociedade Brasileira de Computação - SBC, 2019. http://dx.doi.org/10.5753/sbrc.2019.7413.

Abstract:
With the increasing popularization of computer network-based technologies, security has become a daily concern, and intrusion detection systems (IDS) play an essential role in the supervision of computer networks. An employed approach to combat network intrusions is the development of intrusion detection systems via machine learning techniques. The intrusion detection performance of these systems depends highly on the quality of the IDS dataset used in their design, and the decision making for the most suitable machine learning algorithm becomes a difficult task. The proposed paper focuses on evaluating the accuracy of intrusion detection system models of different machine learning algorithms on two resampling techniques using the new CICIDS2017 dataset, where Decision Trees, MLPs, and Random Forests on Stratified 10-Fold give high stability in results with Precision, Recall, and F1-Scores of 98% and 99% with low execution times.
2

Vigna, Giovanni. "Network intrusion detection." In the 26th Annual Computer Security Applications Conference. New York, New York, USA: ACM Press, 2010. http://dx.doi.org/10.1145/1920261.1920279.

3

Davis, J., E. Hill, L. Spradley, M. Wright, W. Scherer, and Y. Zhang. "Network security monitoring - intrusion detection." In Proceedings of the 2003 IEEE Systems and Information Engineering Design Symposium. IEEE, 2003. http://dx.doi.org/10.1109/sieds.2003.158030.

4

Chen, Xinjia, and Ernest Walker. "Fast detection of network intrusion." In SPIE Defense, Security, and Sensing, edited by Raja Suresh. SPIE, 2011. http://dx.doi.org/10.1117/12.883626.

5

Liu, Jiannan, Kun Xiao, Lei Luo, Yun Li, and Lirong Chen. "An intrusion detection system integrating network-level intrusion detection and host-level intrusion detection." In 2020 IEEE 20th International Conference on Software Quality, Reliability and Security (QRS). IEEE, 2020. http://dx.doi.org/10.1109/qrs51102.2020.00028.

6

Bhuyan, Saptarshi, Dilip Kumar Barman, and Abhijit Bhowmick. "Wireless Network Security Using Intrusion Detection System." In 2018 2nd International Conference on Trends in Electronics and Informatics (ICOEI). IEEE, 2018. http://dx.doi.org/10.1109/icoei.2018.8553724.

7

Neuschmied, Helmut, Martin Winter, Katharina Hofer-Schmitz, Branka Stojanovic, and Ulrike Kleb. "Two Stage Anomaly Detection for Network Intrusion Detection." In 7th International Conference on Information Systems Security and Privacy. SCITEPRESS - Science and Technology Publications, 2021. http://dx.doi.org/10.5220/0010233404500457.

8

Akujuobi, C. M., and N. K. Ampah. "Enterprise network intrusion detection and prevention system (ENIDPS)." In Defense and Security Symposium, edited by Edward M. Carapezza. SPIE, 2007. http://dx.doi.org/10.1117/12.719994.

9

Yan, Qiao, and Jianping Yu. "AINIDS: an immune-based network intrusion detection system." In Defense and Security Symposium, edited by Belur V. Dasarathy. SPIE, 2006. http://dx.doi.org/10.1117/12.664752.

10

Bhatia, Rohit, Vireshwar Kumar, Khaled Serag, Z. Berkay Celik, Mathias Payer, and Dongyan Xu. "Evading Voltage-Based Intrusion Detection on Automotive CAN." In Network and Distributed System Security Symposium. Reston, VA: Internet Society, 2021. http://dx.doi.org/10.14722/ndss.2021.23013.


Reports on the topic "Network security intrusion detection"

1

Ye, Nong. Computer Network Equipment for Intrusion Detection Research. Fort Belvoir, VA: Defense Technical Information Center, March 2000. http://dx.doi.org/10.21236/ada381649.

2

Zage, Dolores M., and Wayne M. Zage. Intrusion Detection System Visualization of Network Alerts. Fort Belvoir, VA: Defense Technical Information Center, July 2010. http://dx.doi.org/10.21236/ada532723.

3

McLain, C. D., A. Studer, and R. P. Lippmann. Making Network Intrusion Detection Work With IPsec. Fort Belvoir, VA: Defense Technical Information Center, May 2007. http://dx.doi.org/10.21236/ada468587.

4

Heady, R., G. Luger, A. Maccabe, and M. Servilla. The architecture of a network level intrusion detection system. Office of Scientific and Technical Information (OSTI), August 1990. http://dx.doi.org/10.2172/425295.

5

Grosskopf, Michael John. Aligning Time Series for Cyber-Physical Network Intrusion Detection. Office of Scientific and Technical Information (OSTI), August 2015. http://dx.doi.org/10.2172/1212612.

6

Chen, Yan. HPNAIDM: The High-Performance Network Anomaly/Intrusion Detection and Mitigation System. Office of Scientific and Technical Information (OSTI), December 2013. http://dx.doi.org/10.2172/1108982.

7

Smith, Sidney C., Kin W. Wong, II Hammell, Mateo Robert J., and Carlos J. An Experimental Exploration of the Impact of Network-Level Packet Loss on Network Intrusion Detection. Fort Belvoir, VA: Defense Technical Information Center, August 2015. http://dx.doi.org/10.21236/ada623474.

8

Zhang, Pengchu C., and Nancy Ann Durgin. Profile-based adaptive anomaly detection for network security. Office of Scientific and Technical Information (OSTI), November 2005. http://dx.doi.org/10.2172/875979.

9

Heady, R., G. F. Luger, A. B. Maccabe, M. Servilla, and J. Sturtevant. A prototype implementation of a network-level intrusion detection system. Technical report number CS91-11. Office of Scientific and Technical Information (OSTI), May 1991. http://dx.doi.org/10.2172/425286.
