The state of the art is explored in using soft computing (SC) methods for network intrusion detection, including the examination of efforts in ten specific areas of SC as well as ...
The complexity of modern networked information systems, as well as all the defense-in-depth best practices, require distributed intrusion detection architectures relying on the ...
Intrusion detection in computer networks faces the problem of a large number of both false alarms and unrecognized attacks. To improve the precision of detection, various machine l...
A distributed data mining algorithm to improve the detection accuracy when classifying malicious or unauthorized network activity is presented. The algorithm is based on genetic p...
Gianluigi Folino, Clara Pizzuti, Giandomenico Spez...
As networks become faster there is an emerging need for security analysis techniques that can keep up with the increased network throughput. Existing network-based intrusion detec...
This paper details an essential component of a multi-agent distributed knowledge network system for intrusion detection. We describe a distributed intrusion detection architecture...
Guy G. Helmer, Johnny S. Wong, Vasant Honavar, Les...
We describe the use of a domain-specific language (DSL) for expressing critical design values and constraints in an intrusion detection application. Through the use of this specia...
STATL is an extensible state/transition-based attack description language designed to support intrusion detection. The language allows one to describe computer penetrations as seq...
Steve T. Eckmann, Giovanni Vigna, Richard A. Kemme...
Intrusion detection systems (IDSs) must maximize the realization of security goals while minimizing costs. In this paper, we study the problem of building cost-sensitive intrusion...
Wenke Lee, Wei Fan, Matthew Miller, Salvatore J. S...
Although the main aim of IDSs is to detect intrusions to prompt evasive measures, a further aim can be to supply evidence in criminal and civil legal proceedings. However the fea...