high processing loads, need for complicated and frequent updating, and high false alarm are some of the challenges in designing anomaly detection and misuse detection systems. we propose a new network-based intrusion detection system (ids) that resolves such shortcomings. our scheme fuses anomaly detection and misuse detection systems, which has not been utilized so far in existing systems. in ...

In this paper, a boosting-based incremental hybrid intrusion detection system is introduced. This system combines incremental misuse detection and incremental anomaly detection. We use boosting ensemble of weak classifiers to implement misuse intrusion detection system. It can identify new classes types of intrusions that do not exist in the training dataset for incremental misuse detection. As...

The automotive industry’s future trends, such as automated driving or advanced driver assistance, require large bandwidths to handle massive data streams and strongly depend on well timed communication. The Ethernet technology is seen as a suitable candidate to cover those needs for vehicle-internal networks; however, Ethernet involves security issues. Thus, by discussing automotive Ethernet at...

We present a novel approach to detect misuse within an information retrieval system by gathering and maintaining knowledge of the behavior of the user rather than anticipating attacks by unknown assailants. Our approach is based on building and maintaining a profile of the behavior of the system user through tracking, or monitoring, of user activity within the information retrieval system. We p...

In recent years, the applications based on the Wireless Sensor Networks are growing very fast. The application areas include agriculture, healthcare, military, hospitality management, mobiles and many others. So these networks are very important for us and the security of the network from the various attacks is also a more important issue in WSN application now days. Stopping these attacks or e...

In the proposed hybrid intrusion detection process, misuse detection and anomaly detection model is integrated to detect the attack in traffic pattern. In misuse detection model, the traffic pattern is classified into known attack and not known attack. Each extracted normal data set does not have known attack and it contains small amount of varied connection patterns than overall normal data se...

Specification-based intrusion detection, where manually specified program behavioral specifications are used as a basis to detect attacks, have been proposed as a promising alternative that combine the strengths of misuse detection (accurate detection of known attacks) and anomaly detection (ability to detect novel attacks). However, the question of whether this promise can be realized in pract...

This work presents an IPS for web applications that combines anomaly detection, misuse detection, and a prevention module. This approach provides us a solution that produce a number of false positives and false negatives less than traditional solutions. The proposed system is also able to update the misuse and anomaly model according to feedback received by the security manager. Finally, in our...