POSEIDON: a 2-tier Anomaly-based Network Intrusion Detection System

Royal Holloway, United Kingdom April 13-April 14

DOI Bookmark:

http://doi.ieeecomputersociety.org/10.1109/IWIA.2006.18

Fourth IEEE International Workshop on ...

	This Article
	PURCHASE ARTICLE: $19 PDF HTML IEEE Xplore Subscribers
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Damiano Bolzoni Articles by Sandro Etalle Articles by Pieter Hartel Articles by Emmanuele Zambon

	ASCII Text	x
	Damiano Bolzoni, Sandro Etalle, Pieter Hartel, Emmanuele Zambon, "POSEIDON: a 2-tier Anomaly-based Network Intrusion Detection System," Information Assurance, IEEE International Workshop on/Innovative Architecture for Future Generation High-Performance Processors and Systems, International Workshop on/Innovative Architecture, International Workshop on, pp. 144-156, Fourth IEEE International Workshop on Information Assurance (IWIA'06), 2006.

	BibTex	x
	@article{ 10.1109/IWIA.2006.18, author = {Damiano Bolzoni and Sandro Etalle and Pieter Hartel and Emmanuele Zambon}, title = {POSEIDON: a 2-tier Anomaly-based Network Intrusion Detection System}, journal ={Information Assurance, IEEE International Workshop on/Innovative Architecture for Future Generation High-Performance Processors and Systems, International Workshop on/Innovative Architecture, International Workshop on}, volume = {0}, year = {2006}, isbn = {0-7695-2564-4}, pages = {144-156}, doi = {http://doi.ieeecomputersociety.org/10.1109/IWIA.2006.18}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Information Assurance, IEEE International Workshop on/Innovative Architecture for Future Generation High-Performance Processors and Systems, International Workshop on/Innovative Architecture, International Workshop on TI - POSEIDON: a 2-tier Anomaly-based Network Intrusion Detection System SN - 0-7695-2564-4 SP144 EP156 A1 - Damiano Bolzoni, A1 - Sandro Etalle, A1 - Pieter Hartel, A1 - Emmanuele Zambon, PY - 2006 KW - null VL - 0 JA - Information Assurance, IEEE International Workshop on/Innovative Architecture for Future Generation High-Performance Processors and Systems, International Workshop on/Innovative Architecture, International Workshop on ER -

Damiano Bolzoni, University of Twente, Netherlands

Sandro Etalle, University of Twente, Netherlands

Pieter Hartel, University of Twente, Netherlands

Emmanuele Zambon, Universita Ca Foscari di Venezia, Italy

We present POSEIDON, a new anomaly-based network intrusion detection system. POSEIDON is payload-based, and has a two-tier architecture: the first stage consists of a Self-Organizing Map, while the second one is a modified PAYL system. Our benchmarks on the 1999 DARPA data set show a higher detection rate and lower number of false positives than PAYL and PHAD.

Citation:

Damiano Bolzoni, Sandro Etalle, Pieter Hartel, Emmanuele Zambon, "POSEIDON: a 2-tier Anomaly-based Network Intrusion Detection System," iwia, pp.144-156, Fourth IEEE International Workshop on Information Assurance (IWIA'06), 2006

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.