EEMCS

Home > Publications
Home University of Twente
Education
Research
Prospective Students
Jobs
Publications
Intranet (internal)
 
 Nederlands
 Contact
 Search
 Organisation

EEMCS EPrints Service


720 Poseidon: A 2-tier Anomaly-based Intrusion Detection System
Home Policy Brochure Browse Search User Area Contact Help

Bolzoni, D. and Zambon, Emmanuele and Etalle, S. and Hartel, P.H. (2005) Poseidon: A 2-tier Anomaly-based Intrusion Detection System. Technical Report TR-CTIT-05-53, Centre for Telematics and Information Technology University of Twente, Enschede. ISSN 1381-3625

Full text available as:

PDF

690 Kb
Open Access



Official URL: http://arxiv.org/abs/cs.CR/0511043

Exported to Metis

Abstract

We present Poseidon, a new anomaly based intrusion detection system. Poseidon is payload-based, and presents a two-tier architecture: the first stage consists of a Self-Organizing Map, while the second one is a modified PAYL system. Our benchmarks on the 1999 DARPA data set show a higher detection rate and lower number of false positives than PAYL and PHAD.

Item Type:Internal Report (Technical Report)
Research Group:EWI-DIES: Distributed and Embedded Security
Research Program:CTIT-ISTRICE: Integrated Security and Privacy in a Networked World
Research Project:IPID: Integrated Policy-based Intrusion Detection
Additional Information:Imported from DIES
ID Code:720
Deposited On:12 December 2005
Refereed:No
More Information:statisticsmetis

Export this item as:

To correct this item please ask your editor

Repository Staff Only: edit this item