We present Poseidon, a new anomaly based intrusion detection system. Poseidon
is payload-based, and presents a two-tier architecture: the first stage
consists of a Self-Organizing Map, while the second one is a modified PAYL
system. Our benchmarks on the 1999 DARPA data set show a higher detection rate
and lower number of false positives than PAYL and PHAD

Bolzoni, Damiano

Etalle, Sandro

Hartel, Pieter

Zambon, Emmanuele

English

arXiv

We present Poseidon, a new anomaly based intrusion detection system. Poseidon is payload-based, and presents a two-tier architecture: the first stage consists of a Self-Organizing Map, while the second one is a modified PAYL system. Our benchmarks on the 1999 DARPA data set show a higher detection rate and lower number of false positives than PAYL and PHAD

Bolzoni, D.

Hartel, Pieter H.

University of Twente Research Information

Poseidon:A 2-tier Anomaly-based Intrusion Detection System

NARCIS 

Poseidon: A 2-tier Anomaly-based Intrusion Detection System

Zambon, E.

Etalle, S.

Hartel, P.H.

Poseidon : a 2-tier anomaly-based intrusion detection system

Pure OAI Repository

We present Poseidon, a new anomaly based intru-sion detection system. Poseidon is payload-based, and presents a two-tier architecture: the first stage consists of a Self-Organizing Map, while the second one is a modified PAYL system [22]. Our bench-marks on the 1999 DARPA data set [15] show a higher detection rate and lower number of false pos-itives than PAYL and PHAD. 

Damiano Bolzoni

Emmanuele Zambon

Ro Etalle

Pieter Hartel

CiteSeerX

Poseidon: A 2-tier anomaly-based intrusion detection system

An adaptive neural network approach to intrusion detection and response.

An Analysis of the 1999 DARPA/Lincoln Laboratory Evaluation Data for Network Anomaly Detection.

An intrusion-detection model.

Anomalous payloadbased network intrusion detection.

Artiﬁcial neural networks for misuse detection.

Computer security threat monitoring and surveillance.

Detecting anomalous network traﬃc with selforganizing maps.

Gauging similarity with ngrams: Language-independent categorization of text.

Learning nonstationary models of normal network trafﬁc for detecting novel attacks.

Network based anomaly intrusion detection using self organizing maps (SOMs).

Next generation intrusion detection: Autonomous reinforcement learning of network attacks.

NSOM: A tool to detect denial of service attacks using selforganizing maps.

Self organizing map (SOM) for Anomaly Detection.

Service speciﬁc anomaly detection for network intrusion detection.

Snort - Lightweight Intrusion Detection for Networks.

Stealthy Portscan & Intrusion Correlation Engine (SPADE),

Testing Intrusion Detection Systems: a critique of the 1998 and 1999 DARPA intrusion detection system evaluations as performed by Lincoln Laboratory.

The NIDES statistical component description and justiﬁcation.

The UCI KDD archive of large data sets for data mining research and experimentation.

Poseidon: a 2-tier Anomaly-based Intrusion Detection System

Poseidon: a 2-tier Anomaly-based Intrusion Detection System

Abstract

Similar works

Full text

Available Versions

University of Twente Research Information

NARCIS

NARCIS

Pure OAI Repository

Pure OAI Repository

CiteSeerX