The experiments carried out in this project show that there is generally little difference between Suricata's and Snort's ability to detect malicious traffic.
Suricata is compatible with signatures written in Snort's lightweight rules description language. The proposed framework adds latency to the analysis of IDS events.
In this thesis, we propose a novel intrusion detection system that uses machine learning algorithms to detect security anomalies in IoT networks.
This detection platform provides security as a service and facilitates interoperability between various network communication protocols used in IoT.
With the increase in the number of Internet-connected devices, security and privacy concerns are the major obstacles impeding the widespread adoption of the Internet of Things (IoT).
Securing IoT has become a huge area of concern for all, including consumers, organizations, and the government.
In the first model, the distribution utility probabilistically chooses to use IDS with a default (fixed) configuration.
In the second model, the distribution utility can configure/tune the IDS to achieve an optimal operating point (i.e.
Our results show that, for the game with the default IDS configuration, the distribution utility does not use the IDS in equilibrium if the fraction of fraudulent customers is less than a critical fraction.
Also, the distribution utility realizes a positive "value of IDS" only if one or both of the following conditions hold: (a) the ratio of detection probability to false alarm probability is greater than a critical ratio, (b) the fraction of fraudulent customers is greater than the critical fraction.