Academic literature on the topic 'Anomaly-based intrusion'


Consult the lists of relevant articles, books, theses, conference reports, and other scholarly sources on the topic 'Anomaly-based intrusion.'


Journal articles on the topic "Anomaly-based intrusion"

1

Muhammad Arslan Tariq, Muhammad Arslan Tariq. "Anomaly based Intrusion Detection System." International Journal for Electronic Crime Investigation 3, no. 3 (2019): 7. http://dx.doi.org/10.54692/ijeci.2020.030341.

Abstract:
In the digital world full of hackers and scammers, data security is what everyone needs the most. Hackers and scammers invent new ways of stealing information on a daily basis. A method to come up with a more precise system is the Intrusion Detection System. IDS is today's need because it helps individuals to keep up their confidentiality and integrity. Intrusions that disturb the security and secrecy of the system have become a major concern for many organizations. The logic and ways the Intrusion Detection System uses are related to these days. Through cloud computing, the Intrusion Detection System has created a world where it can flourish and be most operative. By means of cloud computing, the fundament has engrossed with the Intrusion Detection technology.
2

Muhammad Arslan Tariq, Muhammad Arslan Tariq. "Anomaly based Intrusion Detection System." International Journal for Electronic Crime Investigation 3, no. 3 (2019): 7. http://dx.doi.org/10.54692/ijeci.2020.030336.

Abstract:
In the digital world full of hackers and scammers, data security is what everyone needs the most. Hackers and scammers invent new ways of stealing information on a daily basis. A method to come up with a more precise system is the Intrusion Detection System. IDS is today's need because it helps individuals to keep up their confidentiality and integrity. Intrusions that disturb the security and secrecy of the system have become a major concern for many organizations. The logic and ways the Intrusion Detection System uses are related to these days. Through cloud computing, the Intrusion Detection System has created a world where it can flourish and be most operative. By means of cloud computing, the fundament has engrossed with the Intrusion Detection technology.
3

Muhammad Arslan Tariq, Muhammad Arslan Tariq. "Anomaly based Intrusion Detection System." International Journal for Electronic Crime Investigation 3, no. 3 (2019): 7. http://dx.doi.org/10.54692/ijeci.2019.030341.

Abstract:
In the digital world full of hackers and scammers, data security is what everyone needs the most. Hackers and scammers invent new ways of stealing information on a daily basis. A method to come up with a more precise system is the Intrusion Detection System. IDS is today's need because it helps individuals to keep up their confidentiality and integrity. Intrusions that disturb the security and secrecy of the system have become a major concern for many organizations. The logic and ways the Intrusion Detection System uses are related to these days. Through cloud computing, the Intrusion Detection System has created a world where it can flourish and be most operative. By means of cloud computing, the fundament has engrossed with the Intrusion Detection technology.
4

Muhammad Arslan Tariq, Muhammad Arslan Tariq. "Anomaly based Intrusion Detection System." International Journal for Electronic Crime Investigation 3, no. 3 (2019): 7. http://dx.doi.org/10.54692/ijeci.2019.030336.

Abstract:
In the digital world full of hackers and scammers, data security is what everyone needs the most. Hackers and scammers invent new ways of stealing information on a daily basis. A method to come up with a more precise system is the Intrusion Detection System. IDS is today's need because it helps individuals to keep up their confidentiality and integrity. Intrusions that disturb the security and secrecy of the system have become a major concern for many organizations. The logic and ways the Intrusion Detection System uses are related to these days. Through cloud computing, the Intrusion Detection System has created a world where it can flourish and be most operative. By means of cloud computing, the fundament has engrossed with the Intrusion Detection technology.
5

Ugale, Archana R., and Amol D. Potgantwar. "Anomaly Based Intrusion Detection through Efficient Machine Learning Model." International Journal of Electrical and Electronics Research 11, no. 2 (2023): 616–22. http://dx.doi.org/10.37391/ijeer.110251.

Abstract:
Machine learning is commonly utilised to construct an intrusion detection system (IDS) that automatically detects and classifies network intrusions and host-level threats. Malicious assaults change and occur in high numbers, needing a scalable solution. Cyber security researchers may use public malware databases for research and related work. No research has examined machine learning algorithm performance on publicly accessible datasets. Data and physical level security and analysis for Data protection have become more important as data volumes grow. IDSs collect and analyse data to identify system or network intrusions for data prevention. The amount, diversity, and speed of network data make data analysis to identify assaults challenging. IDS uses machine learning methods for precise and efficient development of data security mechanism. This work presented intrusion detection model using machine learning, which utilised feature extraction, feature selection and feature modelling for intrusion detection classifier.
6

Jyoti, Snehi, Bhandari Abhinav, Baggan Vidhu, and Snehi Ritu Manish. "Diverse Methods for Signature based Intrusion Detection Schemes Adopted." International Journal of Recent Technology and Engineering (IJRTE) 9, no. 2 (2020): 44–49. https://doi.org/10.35940/ijrte.A2791.079220.

Abstract:
Intrusion Detection Systems (IDS) is used as a tool to detect intrusions on IT networks, providing support in network monitoring to identify and avoid possible attacks. Most such approaches adopt Signature-based methods for detecting attacks which include matching the input event to predefined database signatures. Signature based intrusion detection acts as an adaptable device security safeguard technology. This paper discusses various Signature-based Intrusion Detection Systems and their advantages; given a set of signatures and basic patterns that estimate the relative importance of each intrusion detection system feature, system administrators may help identify cyber-attacks and threats to the network and Computer system. Eighty percent of incidents can be easily and promptly detected using signature-based detection methods if used as a precautionary phase for vulnerability detection and twenty percent rest by anomaly-based intrusion detection system that involves comparing definitions of normal activity or event behavior with observed events in identifying the significant deviations and deciding the traffic to flag.
7

Protić, Danijela, and Miomir Stanković. "Detection of Anomalies in the Computer Network Behaviour." European Journal of Engineering and Formal Sciences 4, no. 1 (2020): 7. http://dx.doi.org/10.26417/ejef.v4i1.p7-13.

Abstract:
The goal of anomaly-based intrusion detection is to build a system which monitors computer network behaviour and generates alerts if either a known attack or an anomaly is detected. Anomaly-based intrusion detection system detects intrusions based on a reference model which identifies normal behaviour of the computer network and flags an anomaly. Basic challenges in anomaly-based detection are difficulties to identify a ‘normal’ network behaviour and complexity of the dataset needed to train the intrusion detection system. Supervised machine learning can be used to train the binary classifiers in order to recognize the notion of normality. In this paper we present an algorithm for feature selection and instances normalization which reduces the Kyoto 2006+ dataset in order to increase accuracy and decrease time for training, testing and validating intrusion detection systems based on five models: k-Nearest Neighbour (k-NN), weighted k-NN (wk-NN), Support Vector Machine (SVM), Decision Tree, and Feedforward Neural Network (FNN).
8

Verma, Anil, Enish Paneru, and Bishal Baaniya. "Anomaly-Based Network Intrusion Detection System." Journal of Lumbini Engineering College 4, no. 1 (2022): 38–42. http://dx.doi.org/10.3126/lecj.v4i1.49364.

Abstract:
Network security has been a really hot topic since the inception of the internet in the early ’80s. With millions of people entrusting their life savings in the hands of an organization, it is really necessary to keep the network intruders out of the system. The most alarming thing is that, even today, many organizations are detecting these intrusions through manual labour. Many researchers have proven that these intrusions have a certain pattern, i.e. they can be detected with an Artificial Intelligence (AI) based system with enough training, which can prove to be a really effective substitute for manual labour. This paper explains the current trends in Network Intrusion Detection and the technologies that have been implemented to detect them. CICIDS2017 dataset containing around 3 million data points was used in this experiment. K-Nearest Neighbours (KNN) and Random Forest algorithms are used as the AI tools and their performance has also been compared.
9

JIN, SHUYUAN, DANIEL S. YEUNG, and XIZHAO WANG. "INTERNET ANOMALY DETECTION BASED ON STATISTICAL COVARIANCE MATRIX." International Journal of Pattern Recognition and Artificial Intelligence 21, no. 03 (2007): 591–606. http://dx.doi.org/10.1142/s0218001407005557.

Abstract:
Intrusion detection is an important part of assuring the reliability of computer systems. Different intrusion detection approaches vary with different patterns used and different intrusions addressed. However, what patterns are effective in constructing a detection system is still a challenge. This paper attempts to apply the traditional covariance matrix concept to the detection of multiple known and unknown network anomalies. With respect to the initiation of typical flood-based network intrusions, the proposed approach takes the measure of covariance matrix to reflect the changes of sequential correlativity of the network traffic when flood-based attacks happen. The differences among covariance matrices of network samples collected in temporal sequences of fixed and equal length are directly evaluated to detect multiple network anomalies. Extensive experiments on the subset of KDDCUP 1999 dataset show that the covariance matrix, as a new pattern, can be directly utilized to construct an effective detection system for flood-based attacks. It also points out that utilizing the covariance matrix in the detection of flood-based attacks can achieve higher performance over traditional approaches.
10

Veselý, A., and D. Brechlerová. "Neural networks in intrusion detection systems." Agricultural Economics (Zemědělská ekonomika) 50, No. 1 (2012): 35–40. http://dx.doi.org/10.17221/5164-agricecon.

Abstract:
Security of an information system is its very important property, especially today, when computers are interconnected via internet. Because no system can be absolutely secure, the timely and accurate detection of intrusions is necessary. For this purpose, Intrusion Detection Systems (IDS) were designed. There are two basic models of IDS: misuse IDS and anomaly IDS. Misuse systems detect intrusions by looking for activity that corresponds to the known signatures of intrusions or vulnerabilities. Anomaly systems detect intrusions by searching for an abnormal system activity. Most IDS commercial tools are misuse systems with rule-based expert system structure. However, these techniques are less successful when attack characteristics vary from built-in signatures. Artificial neural networks offer the potential to resolve these problems. As far as anomaly systems are concerned, it is very difficult to build them, because it is difficult to define the normal and abnormal behaviour of a system. Also for building anomaly system, neural networks can be used, because they can learn to discriminate the normal and abnormal behaviour of a system from examples. Therefore, they offer a promising technique for building anomaly systems. This paper presents an overview of the applicability of neural networks in building intrusion systems and discusses advantages and drawbacks of neural network technology.

Dissertations / Theses on the topic "Anomaly-based intrusion"

1

Satam, Shalaka Chittaranjan, and Shalaka Chittaranjan Satam. "Bluetooth Anomaly Based Intrusion Detection System." Thesis, The University of Arizona, 2017. http://hdl.handle.net/10150/625890.

Abstract:
Bluetooth is a wireless technology that is used to communicate over personal area networks (PAN). With the advent of Internet of Things (IOT), Bluetooth is the technology of choice for small and short range communication networks. For instance, most of the modern cars have the capability to connect to mobile devices using Bluetooth. This ubiquitous presence of Bluetooth makes it important that it is secure and its data is protected. Previous work has shown that Bluetooth is vulnerable to attacks like the man in the middle attack, Denial of Service (DoS) attack, etc. Moreover, all Bluetooth devices are mobile devices and thus power utilization is an important performance parameter. The attacker can easily increase power consumption of a mobile device by launching an attack vector against that device. As a part of this thesis we present an anomaly based intrusion detection system for Bluetooth network, Bluetooth IDS (BIDS). The BIDS uses Ngram based approach to characterize the normal behavior of the Bluetooth protocol. Machine learning algorithms were used to build the normal behavior models for the protocol during the training phase of the system, and thus allowing classification of observed Bluetooth events as normal or abnormal during the operational phase of the system. The experimental results showed that the models that were developed in this thesis had a high accuracy with precision of 99.2% and recall of 99.5%.
2

Balupari, Ravindra. "Real-time network-based anomaly intrusion detection." Ohio : Ohio University, 2002. http://www.ohiolink.edu/etd/view.cgi?ohiou1174579398.

3

Miller, Nicholas J. "Benchmarks for Evaluating Anomaly-Based Intrusion Detection Solutions." Thesis, California State University, Long Beach, 2018. http://pqdtopen.proquest.com/#viewpdf?dispub=10752128.

Abstract:
Anomaly-based Intrusion Detection Systems are critical components of modern security systems. They often rely on Machine Learning (ML) to detect potential attacks and have gained increased popularity over time, due to new technologies and dangers. There are many proposed anomaly-based systems using different ML algorithms and techniques, however there is no standard benchmark to compare these based on quantifiable measures.
We have proposed a benchmark that measures both accuracy and performance to produce objective metrics that can be used in the evaluation of each algorithm implementation. In this paper, the benchmark will be used to compare four different ML algorithms (Naive Bayes, Support Vector Machines, Neural Networks, and K-means Clustering) on the NSL-KDD dataset. The experimental results show the differences in accuracy and performance between these algorithms on the dataset, and also how this benchmark can be used to create useful metrics for comparisons.
4

Al-Nashif, Youssif. "MULTI-LEVEL ANOMALY BASED AUTONOMIC INTRUSION DETECTION SYSTEM." Diss., The University of Arizona, 2008. http://hdl.handle.net/10150/195504.

Abstract:
The rapid growth and deployment of network technologies and Internet services has made security and management of networks a challenging research problem. This growth is accompanied by an exponential growth in the number of network attacks, which have become more complex, more organized, more dynamic, and more severe than ever. Current network protection techniques are static, slow in responding to attacks, and inefficient due to the large number of false alarms. Attack detection systems can be broadly classified as being signature-based, classification-based, or anomaly-based. In this dissertation, I present a multi-level anomaly based autonomic network defense system which can efficiently detect both known and unknown types of network attacks with a high detection rate and low false alarms. The system uses autonomic computing to automate the control and management of multi-level intrusion detection system and integrate the different components of the system. The system defends the network by detecting anomalies in network operations that may have been caused by network attacks. Like other anomaly detection systems, AND captures a profile of normal network behavior. In this dissertation, I introduce experimental results that evaluate the effectiveness and performance of the multi-level anomaly based autonomic network intrusion detection system in detecting network attacks. The system consists of monitoring modules, feature aggregation and correlation modules, behavior analysis modules, decision fusion module, global visualization module, risk and impact analysis module, action module, attack classification module, and the adaptive learning module. I have successfully implemented a prototype system based on my multi-level anomaly based approach. The experimental results and evaluation of our prototype show that our multi-level intrusion detection system can efficiently and effectively detect and protect against any type of network attacks known or unknown in real-time. Furthermore, the overhead of our approach is insignificant on the normal network operations and services.
5

Labonne, Maxime. "Anomaly-based network intrusion detection using machine learning." Electronic Thesis or Diss., Institut polytechnique de Paris, 2020. http://www.theses.fr/2020IPPAS011.

Abstract:
In recent years, hacking has become an industry unto itself, increasing the number and diversity of cyber attacks. Threats on computer networks range from malware to denial of service attacks, phishing and social engineering. An effective cyber security plan can no longer rely solely on antiviruses and firewalls to counter these threats: it must include several layers of defence. Network-based Intrusion Detection Systems (IDSs) are a complementary means of enhancing security, with the ability to monitor packets from OSI layer 2 (Data link) to layer 7 (Application). Intrusion detection techniques are traditionally divided into two categories: signature-based (or misuse) detection and anomaly detection. Most IDSs in use today rely on signature-based detection; however, they can only detect known attacks. IDSs using anomaly detection are able to detect unknown attacks, but are unfortunately less accurate, which generates a large number of false alarms. In this context, the creation of precise anomaly-based IDS is of great value in order to be able to identify attacks that are still unknown. In this thesis, machine learning models are studied to create IDSs that can be deployed in real computer networks. Firstly, a three-step optimization method is proposed to improve the quality of detection: 1/ data augmentation to rebalance the dataset, 2/ parameters optimization to improve the model performance and 3/ ensemble learning to combine the results of the best models. Flows detected as attacks can be analyzed to generate signatures to feed signature-based IDS databases. However, this method has the disadvantage of requiring labelled datasets, which are rarely available in real-life situations. Transfer learning is therefore studied in order to train machine learning models on large labeled datasets, then finetune them on benign traffic of the network to be monitored. This method also has flaws since the models learn from already known attacks, and therefore do not actually perform anomaly detection. Thus, a new solution based on unsupervised learning is proposed. It uses network protocol header analysis to model normal traffic behavior. Anomalies detected are then aggregated into attacks or ignored when isolated. Finally, the detection of network congestion is studied. The bandwidth utilization between different links is predicted in order to correct issues before they occur.
6

Tjhai, Gina C. "Anomaly-based correlation of IDS alarms." Thesis, University of Plymouth, 2011. http://hdl.handle.net/10026.1/308.

Abstract:
An Intrusion Detection System (IDS) is one of the major techniques for securing information systems and keeping pace with current and potential threats and vulnerabilities in computing systems. It is an indisputable fact that the art of detecting intrusions is still far from perfect, and IDSs tend to generate a large number of false IDS alarms. Hence human has to inevitably validate those alarms before any action can be taken. As IT infrastructure become larger and more complicated, the number of alarms that need to be reviewed can escalate rapidly, making this task very difficult to manage. The need for an automated correlation and reduction system is therefore very much evident. In addition, alarm correlation is valuable in providing the operators with a more condensed view of potential security issues within the network infrastructure. The thesis embraces a comprehensive evaluation of the problem of false alarms and a proposal for an automated alarm correlation system. A critical analysis of existing alarm correlation systems is presented along with a description of the need for an enhanced correlation system. The study concludes that whilst a large number of works had been carried out in improving correlation techniques, none of them were perfect. They either required an extensive level of domain knowledge from the human experts to effectively run the system or were unable to provide high level information of the false alerts for future tuning. The overall objective of the research has therefore been to establish an alarm correlation framework and system which enables the administrator to effectively group alerts from the same attack instance and subsequently reduce the volume of false alarms without the need of domain knowledge. The achievement of this aim has comprised the proposal of an attribute-based approach, which is used as a foundation to systematically develop an unsupervised-based two-stage correlation technique. 
From this formation, a novel SOM K-Means Alarm Reduction Tool (SMART) architecture has been modelled as the framework from which time and attribute-based aggregation technique is offered. The thesis describes the design and features of the proposed architecture, focusing upon the key components forming the underlying architecture, the alert attributes and the way they are processed and applied to correlate alerts. The architecture is strengthened by the development of a statistical tool, which offers a mean to perform results or alert analysis and comparison. The main concepts of the novel architecture are validated through the implementation of a prototype system. A series of experiments were conducted to assess the effectiveness of SMART in reducing false alarms. This aimed to prove the viability of implementing the system in a practical environment and that the study has provided appropriate contribution to knowledge in this field.
7

Wester, Philip. "Anomaly-based intrusion detection using Tree Augmented Naive Bayes Classifier." Thesis, KTH, Skolan för elektroteknik och datavetenskap (EECS), 2021. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-295754.

Abstract:
With the rise of information technology and the dependence on these systems, it becomes increasingly more important to keep the systems secure. The possibility to detect an intrusion with intrusion detection systems (IDS) is one of multiple fundamental technologies that may increase the security of a system. One of the bigger challenges of an IDS is to detect types of intrusions that have previously not been encountered, so called unknown intrusions. These types of intrusions are generally detected by using methods collectively called anomaly detection methods. In this thesis I evaluate the performance of the algorithm Tree Augmented Naive Bayes Classifier (TAN) as an intrusion detection classifier. More specifically, I created a TAN program from scratch in Python and tested the program on two data sets containing data traffic. The thesis aims to create a better understanding of how TAN works and evaluate if it is a reasonable algorithm for intrusion detection. The results show that TAN is able to perform at an acceptable level with a reasonably high accuracy. The results also highlight the importance of using the smoothing operator included in the standard version of TAN.
8

Nwanze, Nnamdi Chike. "Anomaly-based intrusion detection using using lightweight stateless payload inspection." Diss., Online access via UMI:, 2009.

Abstract:
Thesis (Ph. D.)--State University of New York at Binghamton, Thomas J. Watson School of Engineering and Applied Science, Department of Electrical and Computer Engineering, 2009. Includes bibliographical references.
9

Söderström, Albin. "Anomaly-based Intrusion Detection Using Convolutional Neural Networks for IoT Devices." Thesis, Blekinge Tekniska Högskola, Institutionen för datavetenskap, 2021. http://urn.kb.se/resolve?urn=urn:nbn:se:bth-21870.

Abstract:
Background. The rapid growth of IoT devices in homes put people at risk of cyberattacks and the low power and computing capabilities in IoT devices make it difficult to design a security solution for them. One method of preventing cyber attacks is an Intrusion Detection System (IDS) that can identify incoming attacks so that an appropriate action can be taken. Previous attempts have been made using machine learning and deep learning however these attempts have struggled at detecting new attacks. Objectives. In this work we use a convolutional neural network IoTNet designed for IoT devices to classify network attacks. In order to evaluate the use of deep learning in intrusion detection systems on IoT. Methods. The neural network was trained on the NF-UNSW-NB15-v2 dataset which contains 9 different types of attacks. We used a method that transformed the network flow data into RGB images which were fed to the neural network for classification. We compared IoTNet to a basic convolutional neural network as a baseline. Results. The results show that IoTNet did not perform better at classifying network attacks when compared to a basic convolutional neural network. It also showed that both networks had low precision for most classes. Conclusions. We found that IoTNet is unfit to be used as an intrusion detection system in the general case and that further research must be done in order to improve the precision of the neural network.
10

Zhou, Mian. "Network Intrusion Detection: Monitoring, Simulation and Visualization." Doctoral diss., University of Central Florida, 2005. http://digital.library.ucf.edu/cdm/ref/collection/ETD/id/4063.

Abstract:
This dissertation presents our work on network intrusion detection and intrusion simulation. The work in intrusion detection consists of two different network anomaly-based approaches. The work in intrusion simulation introduces a model using explicit traffic generation for the packet level traffic simulation. The process of anomaly detection is to first build profiles for the normal network activity and then mark any events or activities that deviate from the normal profiles as suspicious. Based on the different schemes of creating the normal activity profiles, we introduce two approaches for intrusion detection. The first one is a frequency-based approach which creates a normal frequency profile based on the periodical patterns existing in the time-series formed by the traffic. It aims at those attacks that are conducted by running pre-written scripts, which automate the process of attempting connections to various ports or sending packets with fabricated payloads, etc. The second approach builds the normal profile based on variations of connection-based behavior of each single computer. The deviations resulting from each individual computer are carried out by a weight assignment scheme and further used to build a weighted link graph representing the overall traffic abnormalities. The functionality of this system is of a distributed personal IDS system that also provides a centralized traffic analysis by graphical visualization. It provides a finer control over the internal network by focusing on connection-based behavior of each single computer. For network intrusion simulation, we explore an alternative method for network traffic simulation using explicit traffic generation. In particular, we build a model to replay the standard DARPA traffic data or the traffic data captured from a real environment. The replayed traffic data is mixed with the attacks, such as DOS and Probe attack, which can create apparent abnormal traffic flow patterns. With the explicit traffic generation, every packet that has ever been sent by the victim and attacker is formed in the simulation model and travels around strictly following the criteria of time and path that are extracted from the real scenario. Thus, the model provides a promising aid in the study of intrusion detection techniques.
Ph.D.; School of Computer Science; Engineering and Computer Science; Computer Science

Books on the topic "Anomaly-based intrusion"

1

Nikolova, Evgeniya. The Decoding Algorithms as Techniques for Creation the Anomaly Based Intrusion Detection Systems. INTECH Open Access Publisher, 2009.


Book chapters on the topic "Anomaly-based intrusion"

1

Hu, Jiankun. "Host-Based Anomaly Intrusion Detection." In Handbook of Information and Communication Security. Springer Berlin Heidelberg, 2010. http://dx.doi.org/10.1007/978-3-642-04117-4_13.

2

Ooi, Shih Yin, Shing Chiang Tan, and Wooi Ping Cheah. "Anomaly Based Intrusion Detection through Temporal Classification." In Neural Information Processing. Springer International Publishing, 2014. http://dx.doi.org/10.1007/978-3-319-12643-2_74.

3

Viswanathan, Arun, Kymie Tan, and Clifford Neuman. "Deconstructing the Assessment of Anomaly-based Intrusion Detectors." In Research in Attacks, Intrusions, and Defenses. Springer Berlin Heidelberg, 2013. http://dx.doi.org/10.1007/978-3-642-41284-4_15.

4

Li, Zhuowei, Amitabha Das, and Jianying Zhou. "USAID: Unifying Signature-Based and Anomaly-Based Intrusion Detection." In Advances in Knowledge Discovery and Data Mining. Springer Berlin Heidelberg, 2005. http://dx.doi.org/10.1007/11430919_81.

5

Suresh, Akshaya, and Arun Cyril Jose. "Detection of Malicious Activities by AI-Supported Anomaly-Based IDS." In Artificial Intelligence for Intrusion Detection Systems. Chapman and Hall/CRC, 2023. http://dx.doi.org/10.1201/9781003346340-4.

6

Fragkiadakis, Alexandros G., Vasilios A. Siris, and Nikolaos Petroulakis. "Anomaly-Based Intrusion Detection Algorithms for Wireless Networks." In Lecture Notes in Computer Science. Springer Berlin Heidelberg, 2010. http://dx.doi.org/10.1007/978-3-642-13315-2_16.

7

Prajapati, Gitesh, Pooja Singh, and Rahul. "Anomaly Based Network Intrusion Detection System for IoT." In Proceedings of International Conference on Data Science and Applications. Springer Nature Singapore, 2023. http://dx.doi.org/10.1007/978-981-19-6634-7_49.

8

Mayanglambam, Sushilata D., Nainesh Hulke, and Rajendra Pamula. "Genetic Algorithm Based Anomaly Detection for Intrusion Detection." In Communications in Computer and Information Science. Springer Nature Switzerland, 2024. http://dx.doi.org/10.1007/978-3-031-47224-4_17.

9

Khonde, Shraddha R. "Anomaly Based Intrusion Detection System Using Rule Based Genetic Algorithm." In Intelligent Cyber Physical Systems and Internet of Things. Springer International Publishing, 2023. http://dx.doi.org/10.1007/978-3-031-18497-0_56.

10

Snehi, Jyoti, Abhinav Bhandari, Manish Snehi, Urvashi Tandon, and Vidhu Baggan. "Global Intrusion Detection Environments and Platform for Anomaly-Based Intrusion Detection Systems." In Proceedings of Second International Conference on Computing, Communications, and Cyber-Security. Springer Singapore, 2021. http://dx.doi.org/10.1007/978-981-16-0733-2_58.


Conference papers on the topic "Anomaly-based intrusion"

1

Maasaoui, Zineb, Mheni Merzouki, Abdella Battou, and Ahmed Lbath. "Anomaly Based Intrusion Detection Using Large Language Models." In 2024 IEEE/ACS 21st International Conference on Computer Systems and Applications (AICCSA). IEEE, 2024. https://doi.org/10.1109/aiccsa63423.2024.10912623.

2

Singhvi, Arihant, Abhinav Nambiar, Pranav Menon, and Narendra V G. "SVM-Based Anomaly Detection for Network Intrusion Systems: An Advanced Approach to Intrusion Prevention." In First International Conference on Computer, Computation and Communication (IC3C-2025). River Publishers, 2025. https://doi.org/10.13052/rp-9788743808268a029.

3

Al-Fuhaidi, Belal, Zainab Farae, Wedad Al-Sorori, et al. "Anomaly-Based Intrusion Detection System in WSN using DNN Algorithm." In 2024 1st International Conference on Emerging Technologies for Dependable Internet of Things (ICETI). IEEE, 2024. https://doi.org/10.1109/iceti63946.2024.10777266.

4

Nguyen, Hoang-Cong-Thanh, Xuan-Ha Nguyen, and Kim-Hung Le. "An Automated Benchmarking Framework for Anomaly-based Intrusion Detection Systems." In 2024 International Conference on Multimedia Analysis and Pattern Recognition (MAPR). IEEE, 2024. http://dx.doi.org/10.1109/mapr63514.2024.10660867.

5

Novikov, D., R. V. Yampolskiy, and L. Reznik. "Anomaly Detection Based Intrusion Detection." In Third International Conference on Information Technology: New Generations (ITNG'06). IEEE, 2006. http://dx.doi.org/10.1109/itng.2006.33.

6

Kumar, Roshan, and Deepak Sharma. "Signature-Anomaly Based Intrusion Detection Algorithm." In 2018 Second International Conference on Electronics, Communication and Aerospace Technology (ICECA). IEEE, 2018. http://dx.doi.org/10.1109/iceca.2018.8474781.

7

Wahi, Vibhore, Sarthak Yadav, Yash Thenuia, and Anamika Chauhan. "Anomaly Based Intrusion Detection For IoT." In 2022 3rd International Conference for Emerging Technology (INCET). IEEE, 2022. http://dx.doi.org/10.1109/incet54531.2022.9824810.

8

Almehmadi, Abdulaziz. "SCADA Networks Anomaly-based Intrusion Detection System." In SIN '18: 11th International Conference On Security Of Information and Networks. ACM, 2018. http://dx.doi.org/10.1145/3264437.3264471.

9

Satam, Pratik. "Cross Layer Anomaly Based Intrusion Detection System." In 2015 IEEE International Conference on Self-Adaptive and Self-Organizing Systems Workshops (SASOW). IEEE, 2015. http://dx.doi.org/10.1109/sasow.2015.31.

10

Satam, Pratik. "Anomaly Based Wi-Fi Intrusion Detection System." In 2017 IEEE 2nd International Workshops on Foundations and Applications of Self* Systems (FAS*W). IEEE, 2017. http://dx.doi.org/10.1109/fas-w.2017.180.


Reports on the topic "Anomaly-based intrusion"

1

Skormin, Victor A. Anomaly-Based Intrusion Detection Systems Utilizing System Call Data. Defense Technical Information Center, 2012. http://dx.doi.org/10.21236/ada568124.

2

Etoty, Renee E., and Robert F. Erbacher. A Survey of Visualization Tools Assessed for Anomaly-Based Intrusion Detection Analysis. Defense Technical Information Center, 2014. http://dx.doi.org/10.21236/ada601590.
