Poseidon: A 2-tier Anomaly-based Intrusion Detection System

D. Bolzoni, Emmanuele Zambon, Sandro Etalle, Pieter H. Hartel

    Research output: Book/Report › Report › Professional

    Abstract

    We present Poseidon, a new anomaly-based intrusion detection system. Poseidon is payload-based and has a two-tier architecture: the first stage consists of a Self-Organizing Map, while the second one is a modified PAYL system. Our benchmarks on the 1999 DARPA data set show a higher detection rate and a lower number of false positives than PAYL and PHAD.

    Original language: Undefined
    Place of Publication: Enschede
    Publisher: Centre for Telematics and Information Technology (CTIT)
    Number of pages: 11
    Publication status: Published - Nov 2005

    Publication series

    Name: CTIT Technical Report Series
    No.: 05-53
    ISSN (Print): 1381-3625

    Keywords

    • IR-54544
    • EWI-720
    • METIS-228800
    • SCS-Cybersecurity