anomaly detection

ZDNet Resources

• sort by:
• Relevance
• Date
• Popularity

Formal Reasoning About Intrusion Detection Systems

Intrusion detection is an appealing approach to improving the security of systems. It involves the runtime gathering of data from system operations, and the subsequent analysis of the data. There are three different kinds of detection models: anomaly detection, misuse detection and specification-based intrusion detection. Anomaly detection compares characteristics of...

Tags: Reasoning Inc., Intrusion Detection System, Specification, Anomaly Detection, Intrusion Detection, Network Security, Security, Networking

White papers 2007-03-01

Additional Resources

A Multi-Layered Approach to the Design of Intelligent Intrusion Detection and Prevention System (IIDPS)

Ignoring security threats can have serious consequences; therefore host machines in network must continually be monitored for intrusions since they are the final endpoint of any network. As a result, this paper presents an Intelligent Intrusion Detection and Prevention System IIDPS, which monitors a single host system from three different...

Tags: Approach, Layer, Intrusion Detection, Network Security, Security, Networking

White papers 2009-05-21

Data Fusion and Cost Minimization for Intrusion Detection

Statistical pattern recognition techniques have recently been shown to provide a finer balance between misdetections and false alarms than the more conventional intrusion detection approaches, namely misuse detection and anomaly detection. A variety of classical machine learning and pattern recognition algorithms has been applied to intrusion detection with varying levels...

Tags: Pattern Recognition, Intrusion Detection, Network Security, Security, Networking

White papers 2009-01-26

Detecting Pulsing Denial-of-Service Attacks With Nondeterministic Attack Intervals

This paper addresses the important problem of detecting Pulsing Denial of Service PDoS attacks which send a sequence of attack pulses to reduce TCP throughput. Unlike previous works which focused on a restricted form of attacks, one considers a very broad class of attacks. In particular, the attack model admits...

Tags: Denial Of Service, The Vanguard Group Inc., Attack, Attack Interval, Security

White papers 2009-01-21

Rule-Based Anomaly Detection on IP Flows

Rule-based packet classification is a powerful method for identifying traffic anomalies, with network security as a key application area. While popular systems like Snort are used in many network locations, comprehensive deployment across Tier-1 service provider networks is costly due to the need for high-speed monitors at many network ingress...

Tags: Network, IP, Intellectual Property, Networking, Research & Development, Business Operations

White papers 2009-01-20

Experiences With Specification-Based Intrusion Detection

Specification-based intrusion detection, where manually specified program behavioral specifications are used as a basis to detect attacks, have been proposed as a promising alternative that combine the strengths of misuse detection accurate detection of known attacks and anomaly detection ability to detect novel attacks. However, the question of whether this...

Tags: Specification, Attack, Intrusion Detection, Security

White papers 2009-01-01

Network-Based Intrusion Detection Using Unsupervised Adaptive Resonance Theory (ART)

This paper introduces the Unsupervised Neural Net based Intrusion Detector UNNID system, which detects network-based intrusions and attacks using unsupervised neural networks. The system has facilities for training, testing, and tunning of unsupervised nets to be used in intrusion detection. Using the system, the author tested two types of unsupervised...

Tags: Network, Net, Attack, Intrusion Detection, Security, Network Security, Networking

White papers 2009-01-01

Athena FirePac 2.0 (Windows)

Athena FirePac is an affordable, easy to use and install, firewall analysis tool with three essential must-have capabilities for every network engineer. Policy Analysis - a remarkably straightforward way to understand all the services allowed to, from or through a device. Anomaly Detection - the industry's most thorough display of...

Tags: Microsoft Windows, Athenasecurity, Athena FirePac, Firewalls, Network Security, PCI, Security, Networking, Storage, Hardware

Software downloads 2008-10-08

Flow Based Network Intrusion Detection System Using Hardware-Accelerated NetFlow Probes

Current network intrusion detection methods based on anomaly detection approaches suffer from comparatively higher error rate and low performance. Proposed flow based network intrusion detection system addresses these issues by using hardware-accelerated probes to collect unsampled NetFlow data from gigabit-speed network links and combining several anomaly detection algorithms by means...

Tags: Network Intrusion Detection System, Network, Intrusion Detection System, Network Intrusion Detection, CESNET, Anomaly Data, Intrusion Detection, Networking, Security

White papers 2008-09-30

Correlation-Based Load Balancing for Network Intrusion Detection and Prevention Systems

In large-scale enterprise networks, multiple network intrusion detection and prevention systems are used to provide high quality protections. In this context, keeping load evenly distributed among the systems is crucial. This is because even load distributions provide protection to the networks and improve the networks' quality of service. A challenging...

Tags: Network, Load Balancing, Association For Computing Machinery, Network Intrusion Detection, Intrusion Detection, Network Administration, Networking, Security

White papers 2008-09-25

Webmail providers can fix Palin hack-style problems

Webmail providers can fix Palin hack-style problemsWhile I do agreeMuch can be done to improve web mail security, your point of improving knowledge mechanisms to a person's email will only work for those who have to dig for information on a person. Aren't a large portion of hacks started...

Tags: E-mail, Social Security, Palin, WebMail

Discussion threads 2008-09-22

Webmail providers can fix Palin hack-style problems

One of the most important questions we should be asking ourselves in light of the Palin webmail hack discussed at length here, here and here is how it could have been prevented. There are several software techniques that I can think of off the top of my head that...

Tags: Software, Technique, Password, IP, Productivity, Adam O'Donnell

Blog posts 2008-09-21

Novel Intrusion Prevention and Detection Methods

Analysis of contemporary Information Security Systems ISS and especially the case of Intrusion Detection Systems IDS shows one few character negative features and drawbacks. Original methods and combined anomaly and signature IDS applications are presented in the paper. Human-centered methods INCONSISTENCY, FUNNEL, CALEIDOSCOPE and CROSSWORD interact on a competitive principle...

Tags: Method, Intrusion Detection System, Data Mining, Intrusion Detection, Business Intelligence, Intrusion Prevention, Marketing Research, Network Security, Security, Databases, Enterprise Software, Software, Data Management, Marketing, Networking

White papers 2008-09-08

Anomaly Intrusion Detection System Using Hierarchical Gaussian Mixture Model

Intrusion Detection Systems have been widely used to overcome security threats in computer networks and to identify unauthorized use, misuse, and abuse of computer systems. Anomaly-based approaches in Intrusion Detection Systems have the advantage of being able to detect unknown attacks; they look for patterns that deviate from the normal...

Tags: Intrusion Detection System, Anomaly, Iran Telecommunication Research Center, Intrusion Detection, Network Security, Security, Networking

White papers 2008-08-01

My Awesome IT Job: Senior security engineer, VoIP carrier

Hey, we all complain about work from time to time; we've all had lousy jobs. But before you call it a day and head off to the support group that meets at the bar, here are a few words from IT pros that love their work. "I...

Tags: Network, Information Technology, Hobby, Telephony, VOIP, Telecommunications, Security, Networking, Deb Perelman

Blog posts 2008-07-18

Modeling an Intrusion Detection System Using Data Mining and Genetic Algorithms Based on Fuzzy Logic

Fuzzy logic based methods together with the techniques from Artificial Intelligence have gained importance. Data mining techniques like clustering techniques, Association rules together with fuzzy logic to model the fuzzy association rules are being used for classifying data. These together with the techniques of genetic algorithms like genetic programming are...

Tags: Algorithm, Technique, Intrusion Detection System, Modeling, Productivity, Data Mining, Intrusion Detection, Business Intelligence, Enterprise Software, Software, Data Management, Security

White papers 2008-07-01

Anomaly? Application Change? or Workload Change? - Towards Automated Detection of Application Performance Anomaly and Change

Automated tools for understanding application behavior and its changes during the application life-cycle are essential for many performance analysis and debugging tasks. Application performance issues have an immediate impact on customer experience and satisfaction. A sudden slowdown of enterprise-wide application can effect a large population of customers, lead to delayed...

Tags: Performance, Performance Management, Human Resources, Workforce Management

White papers 2008-06-21

Boosting Web Intrusion Detection Systems by Inferring Positive Signatures

This paper presents a new approach to anomaly-based network intrusion detection for web applications. This approach is based on dividing the input parameters of the monitored web application in two groups: the "Regular" and the "Irregular" ones, and applying a new method for anomaly detection on the "Regular" ones based...

Tags: Web, Web Application, Training, Anomaly, University Of Twente, Intrusion Detection, Cloud Computing, Workforce Management, Training And Certification, Security, Human Resources

White papers 2008-06-15

MARS - Cisco Security Monitoring, Analysis, and Response System v3.0

View Available Dates and LocationsCisco Security Monitoring, Analysis, and Response System MARS is a family of high-performance, scalable appliances for threat management, monitoring, and mitigation that enables you to make more effective use of network and security devices by combining network intelligence, context correlation, vector analysis, ...

Tags: Appliance, Security, Network, Security Monitoring, Monitoring, Cisco Systems Inc., Analysis, Configure, Networking

Training 2008-06-01

CAMNEP: Agent-Based Network Intrusion Detection System

This paper presents a prototype of agent-based intrusion detection system designed for deployment on high-speed backbone networks. The main contribution of the system is the integration of several anomaly detection techniques by means of collective trust modeling within a group of collaborative detection agents, each featuring a specific detection algorithm....

Tags: Network Intrusion Detection System, Network, Agent, Intrusion Detection System, IFAAMAS, Real Estate, Research & Development, Intrusion Detection, Networking, Security, Business Operations

White papers 2008-05-16