Consent-based networking, which requires senders to have permission to send traffic, can protect against multiple attacks on the network. Highly dynamic networks like Mobile Ad-hoc Networks (MANETs) require destination-based consent networking, where consent needs to be given to send to a destination in any path. These networks are susceptible to multipath misuses by misbehaving nodes. In this ...

Misuse detection method and anomaly detection method are widely used for the detection of malicious web pages. Both are based on machine learning. Misuse detection can detect known malicious web pages, but it cannot detect new ones. In contrast, anomaly detection can detect unknown malicious web pages, but it has a high false positive rate. In order to achieve a high detection rate through prec...

From the first appearance of network attacks, the internet worm, to the most recent one in which the servers of several famous e-business companies were paralyzed for several hours, causing huge financial losses, network-based attacks have been increasing in frequency and severity. As a powerful weapon to protect networks, intrusion detection has been gaining a lot of attention. Traditionally, ...

To improve the measuring accuracy of intrusion detection, a system design of a node for intrusion detection is proposed in this paper. First, the technology that applies the traditional intrusion detection method, such as anomaly detection and misuse detection, into P2P networks is presented. Next, to build the trust relationship among the nodes, and realize the cooperation mechanism of data de...

In the era of information and communication technology, Security is an important issue. A lot of effort and finance are being invested in this sector. Intrusion detection is one of the most prominent fields in this area. Data mining in network intrusion detection can automate the network intrusion detection field with a greater efficiency. This paper presents a literature survey on intrusion de...

as networking and communication technology becomes more widespread, thequantity and impact of system attackers have been increased rapidly. themethodology of intrusion detection (ids) is generally classified into two broadcategories according to the detection approaches: misuse detection and anomalydetection. in misuse detection approach, abnormal system behavior is defined atfirst, and then an...

In this paper, we design an Anomaly Detection System for Outlier Detection in Hardware Profile by using Principal Component Analysis (PCA) that helps reduce the dimension of data. Anomaly detection methods can detect new intrusions, but they suffer from false alarms. Another approach is misuse detection that identifies only known attacks by matching with the previous patterns. Host based Intrus...

Anomaly detection techniques have been devised to address the limitations of misuse detection approaches for intrusion detection with the model of normal behaviors. A hidden Markov model (HMM) is a useful tool to model sequence information, an optimal modeling technique to minimize false-positive error while maximizing detection rate. In spite of high performance, however, it requires large amo...

An intrusion detection system framework using mobile agents is a layered framework mechanism designed to support heterogeneous network environments to identify intruders at its best. Traditional computer misuse detection techniques can identify known attacks efficiently, but perform very poorly in other cases. Anomaly detection has the potential to detect unknown attacks; however, it is a very ...

Anomaly detection in information (IP) networks, detection of deviations from what is considered normal, is an important complement to misuse detection based on known attack descriptions. Performing anomaly detection in real-time places hard requirements on the algorithms used. First, to deal with the massive data volumes one needs to have efficient data structures and indexing mechanisms. Secon...