In recent years, mobile ad hoc networks (MANET) have become an interesting research area. This type of networks have a salient characteristics compare with wired networks which are more vulnerable. Nowadays, for the network security, defend in depth strategies are used. One of them is intrusion detection system (IDS). Many intrusion detection techniques developed for weird networks however, bec...

With the ever increasing deployment and usage of gigabit networks, traditional network anomaly detection based Intrusion Detection Systems (IDS) have not scaled accordingly. Most, if not all, intrusion detection systems (IDS) assume the availability of complete and clean audit data. We contend that this assumption is not valid. Factors like noise, mobility of the nodes and the large amount of n...

This paper presents a tutorial for network anomaly detection, focusing on non-signature-based approaches. Network traffic anomalies are unusual and significant changes in the traffic of a network. Networks play an important role in today’s social and economic infrastructures. The security of the network becomes crucial, and network traffic anomaly detection constitutes an important part of netw...

Anomaly event detection is one of the research hotspots in wireless sensor networks. Aiming at the disadvantages of current detection solutions, a novel anomaly event detection algorithm based on compressed sensing and iteration is proposed. Firstly, a measured value can be sensed in each node, based on the compressed sensing. Then the problem of anomaly event detection is modeled as the minimi...

In current scenario most of the intrusion detection systems (IDS) use one of the two detection methods, misused detection or Anomaly detection?both of them have their own limitations. Technology has developed the technique that combines misuse detection system with anomaly detection system (ADS) or network intrusion detection system and host-based intrusion detection system is known as hybrid i...

We present Anomalous Packet Detection using Partitioned Payload system, we call as AnPDPP. AnPDPP is an improvement to PAYL system which is considered one of the complete systems for payload based anomaly detection. PAYL takes into consideration the entire payload for profile calculation and effectively for anomaly detection. Payload length is very high on port numbers like 21 and 80. Hence it ...

Anomaly-based network intrusion detection systems can take into consideration packet headers, the payload, or a combination of both. We argue that payload-based approaches are becoming the most effective methods to detect attacks. Nowadays, attacks aim mainly to exploit vulnerabilities at application level: thus, the payload contains the most important information to differentiate normal traffi...

We present a new approach to anomaly-based network intrusion detection for web applications. This approach is based on dividing the input parameters of the monitored web application in two groups: the “regular” and the “irregular” ones, and applying a new method for anomaly detection on the “regular” ones based on the inference of a regular language. We support our proposal by realizing Sphinx,...

Increasing the popularity of SIP based services (VoIP, IPTV, IMS infrastructure) lead to concerns about its ‎security. The main signaling protocol of next generation networks and VoIP systems is Session Initiation Protocol ‎‎(SIP). Inherent vulnerabilities of SIP, misconfiguration of its related components and also its implementation ‎deficiencies cause some security concerns in SIP based infra...