Poseidon: a 2-tier Anomaly-based Intrusion Detection System

Damiano Bolzoni; Emmanuele Zambon; Pieter Hartel; Sandro Etalle

arxiv: cs/0511043 · v4 · submitted 2005-11-11 · 💻 cs.CR

Poseidon: a 2-tier Anomaly-based Intrusion Detection System

Damiano Bolzoni , Emmanuele Zambon , Sandro Etalle , Pieter Hartel This is my paper

classification 💻 cs.CR

keywords detectionposeidonsystemintrusionpaylanomalyanomaly-basedarchitecture

0 comments

read the original abstract

We present Poseidon, a new anomaly based intrusion detection system. Poseidon is payload-based, and presents a two-tier architecture: the first stage consists of a Self-Organizing Map, while the second one is a modified PAYL system. Our benchmarks on the 1999 DARPA data set show a higher detection rate and lower number of false positives than PAYL and PHAD.

This paper has not been read by Pith yet.

Poseidon: a 2-tier Anomaly-based Intrusion Detection System

discussion (0)