Poseidon: a 2-tier Anomaly-based Network Intrusion Detection System

D. Bolzoni, Emmanuele Zambon, Sandro Etalle, Pieter H. Hartel

    Research output: Chapter in Book/Report/Conference proceeding; Conference contribution; Academic; peer-review

    55 Citations (Scopus)
    57 Downloads (Pure)

    Abstract

    We present Poseidon, a new anomaly based intrusion detection system. Poseidon is payload-based, and presents a two-tier architecture: the first stage consists of a Self-Organizing Map, while the second one is a modified PAYL system. Our benchmarks on the 1999 DARPA data set show a higher detection rate and lower number of false positives than PAYL and PHAD.
    Original language: English
    Title of host publication: Fourth IEEE International Workshop on Information Assurance (IWIA 2006)
    Subtitle of host publication: proceedings, 13-14 April 2006, Royal Holloway, United Kingdom
    Editors: Jack Cole, Stephen D. Wolthusen
    Place of Publication: Los Alamitos, CA
    Publisher: IEEE Computer Society
    Pages: 144-156
    Number of pages: 10
    ISBN (Print): 0-7695-2564-4
    DOIs
    Publication status: Published - Apr 2006
    Event: 4th IEEE International Workshop on Information Assurance, IWIA 2006 - London, United Kingdom
    Duration: 13 Apr 2006 to 14 Apr 2006
    Conference number: 4

    Workshop

    Workshop: 4th IEEE International Workshop on Information Assurance, IWIA 2006
    Abbreviated title: IWIA
    Country: United Kingdom
    City: London
    Period: 13/04/06 to 14/04/06

    Fingerprint

    Self organizing maps
    Intrusion detection

    Keywords

    • security of data
    • SCS-Cybersecurity
    • METIS-237425
    • self-organising feature maps
    • Computer Networks
    • telecommunication security
    • EWI-1326
    • IR-64935

    Cite this

    Bolzoni, D., Zambon, E., Etalle, S., & Hartel, P. H. (2006). Poseidon: a 2-tier Anomaly-based Network Intrusion Detection System. In J. Cole, & S. D. Wolthusen (Eds.), Fourth IEEE International Workshop on Information Assurance (IWIA 2006): proceedings, 13-14 April 2006, Royal Holloway, United Kingdom (pp. 144-156). Los Alamitos, CA: IEEE Computer Society. https://doi.org/10.1109/IWIA.2006.18