• DocumentCode
    3456318
  • Title

    POSEIDON: a 2-tier anomaly-based network intrusion detection system

  • Author

    Bolzoni, D. ; Etalle, S. ; Hartel, Pieter

  • Author_Institution
    Distributed & Embedded Syst. Group, Twente Univ., Enschede
  • fYear
    2006
  • fDate
    13-14 April 2006
  • Lastpage
    156
  • Abstract
    We present POSEIDON, a new anomaly-based network intrusion detection system. POSEIDON is payload-based, and has a two-tier architecture: the first stage consists of a self-organizing map, while the second one is a modified PAYL system. Our benchmarks on the 1999 DARPA data set show a higher detection rate and lower number of false positives than PAYL and PHAD.
  • Keywords
    computer networks; security of data; self-organising feature maps; telecommunication security; 2-tier anomaly-based network intrusion detection system; DARPA data set; Defense Advanced Program Research Agency; POSEIDON; detection rate; false positives; self-organizing map; two-tier architecture; Data mining; Databases; Embedded system; Frequency; Gain control; Intrusion detection; Law; Legal factors; Payloads; Protection
  • fLanguage
    English
  • Publisher
    IEEE
  • Conference_Titel
    Information Assurance, 2006. IWIA 2006. Fourth IEEE International Workshop on
  • Conference_Location
    London
  • Print_ISBN
    0-7695-2564-4
  • Type

    conf

  • DOI
    10.1109/IWIA.2006.18
  • Filename
    1610007