Dynamic Intrusion Detection in Resource-Constrained Cyber Networks

Download Now Date Added: Dec 2011
Format: PDF

The objective of Intrusion Detection Systems (IDS) is to locate malicious activities (e.g., denial of service attack, port scans, hackers) in the quickest way such that the infected parts can be timely fixed to minimize the overall damage to the network. With the increasing size, diversity, and interconnectivity of the cyber system, however, intrusion detection faces the challenge of scalability: how to rapidly locate intrusions and anomalies in a large dynamic network with limited resources. The two basic approaches to intrusion detection, namely, active probing and passive monitoring, face stringent resource constraints when the network is large and dynamic