Internet of Things is an ever-growing network of heterogeneous and constraint nodes which are connected to each other and the Internet. Security plays an important role in such networks. Experience has proved that encryption and authentication are not enough for the security of networks and an Intrusion Detection System is required to detect and to prevent attacks from malicious nodes. In this ...

In this paper, a boosting-based incremental hybrid intrusion detection system is introduced. This system combines incremental misuse detection and incremental anomaly detection. We use boosting ensemble of weak classifiers to implement misuse intrusion detection system. It can identify new classes types of intrusions that do not exist in the training dataset for incremental misuse detection. As...

Detecting the anomaly behaviors such as network failure or Internet intentional attack in the large-scale Internet is a vital but challenging task. While numerous techniques have been developed based on Internet traffic in past years, anomaly detection for structured datasets by complex network have just been of focus recently. In this paper, a anomaly detection method for large-scale Internet ...

Anomaly detection is a promising approach to detecting intruders masquerading as valid users (called masqueraders). It creates a user profile and labels any behavior that deviates from the profile as anomalous. In anomaly detection, a challenging task is modeling a user’s dynamic behavior based on sequential data collected from computer systems. In this paper, we propose a novel method, called ...

The verification of fuzzy rule bases for anomalies has received increasing attention these last few years. Many different approaches have been suggested and many are still under investigation. In this paper, we give a synthesis of methods proposed in literature that try to extend the verification of classical rule bases to the case of fuzzy knowledge modeling, without needing a set of represent...

Signature-based intrusion detection is required to inspect network traffic at wire-speed. Matching packet payloads against patterns specified with regular expression is a computation intensive task. Hence, the design of hardware accelerator to speed up regular expression matching has been an active research area. A systematic approach to detect regular expression is based on finite automaton. T...

Data mining methods have gained importance in addressing computer network security. Existing Rule based classification models for anomaly detection are ineffective in dealing with dynamic changes in intrusion patterns and characteristic. Unsupervised learning methods have been given a closer look for network anomaly detection. We investigate hierarchical clustering algorithm for anomaly detecti...

CLASSIFYING MALICIOUS WINDOWS EXECUTABLES USING ANOMALY BASED DETECTION by Ronak Sutaria A malicious executable is broadly defined as any program or piece of code designed to cause damage to a system or the information it contains, or to prevent the system from being used in a normal manner. A generic term used to describe any kind of malicious software is Malware, which includes Viruses, Worms...

Cloud computing is becoming a very popular way to outsource data storage, services or even infrastructure. Clouds are large network data centers that make use of virtualization technology, thus enabling dynamic scalability and , from user’s perspective, apparent infinite resources. Clouds host services in virtual machines that are isolated from one another and can be migrated within or between ...