The research literature on cybersecurity incident response is very rich in automatic intrusion detection methodologies. The most accepted approach to compare the detection performance of the methods is by using a real traffic data set where normal traffic and anomalies are conveniently combined and labeled. In this paper, we follow this approach in a real network where a number of controlled attacks...
Financed by the National Centre for Research and Development under grant No. SP/I/1/77065/10 by the strategic scientific research and experimental development program:
SYNAT - “Interdisciplinary System for Interactive Scientific and Scientific-Technical Information”.