期刊文献+
共找到540篇文章
< 1 2 27 >
每页显示 20 50 100
CNN Channel Attention Intrusion Detection SystemUsing NSL-KDD Dataset
1
作者 Fatma S.Alrayes Mohammed Zakariah +2 位作者 Syed Umar Amin Zafar Iqbal Khan Jehad Saad Alqurni 《Computers, Materials & Continua》 SCIE EI 2024年第6期4319-4347,共29页
Intrusion detection systems(IDS)are essential in the field of cybersecurity because they protect networks from a wide range of online threats.The goal of this research is to meet the urgent need for small-footprint,hi... Intrusion detection systems(IDS)are essential in the field of cybersecurity because they protect networks from a wide range of online threats.The goal of this research is to meet the urgent need for small-footprint,highly-adaptable Network Intrusion Detection Systems(NIDS)that can identify anomalies.The NSL-KDD dataset is used in the study;it is a sizable collection comprising 43 variables with the label’s“attack”and“level.”It proposes a novel approach to intrusion detection based on the combination of channel attention and convolutional neural networks(CNN).Furthermore,this dataset makes it easier to conduct a thorough assessment of the suggested intrusion detection strategy.Furthermore,maintaining operating efficiency while improving detection accuracy is the primary goal of this work.Moreover,typical NIDS examines both risky and typical behavior using a variety of techniques.On the NSL-KDD dataset,our CNN-based approach achieves an astounding 99.728%accuracy rate when paired with channel attention.Compared to previous approaches such as ensemble learning,CNN,RBM(Boltzmann machine),ANN,hybrid auto-encoders with CNN,MCNN,and ANN,and adaptive algorithms,our solution significantly improves intrusion detection performance.Moreover,the results highlight the effectiveness of our suggested method in improving intrusion detection precision,signifying a noteworthy advancement in this field.Subsequent efforts will focus on strengthening and expanding our approach in order to counteract growing cyberthreats and adjust to changing network circumstances. 展开更多
关键词 intrusion detection system(ids) NSL-KDD dataset deep-learning MACHINE-LEARNING CNN channel Attention network security
下载PDF
A Hybrid DNN-RBFNN Model for Intrusion Detection System
2
作者 Wafula Maurice Oboya Anthony Waititu Gichuhi Anthony Wanjoya 《Journal of Data Analysis and Information Processing》 2023年第4期371-387,共17页
Intrusion Detection Systems (IDS) are pivotal in safeguarding computer networks from malicious activities. This study presents a novel approach by proposing a Hybrid Dense Neural Network-Radial Basis Function Neural N... Intrusion Detection Systems (IDS) are pivotal in safeguarding computer networks from malicious activities. This study presents a novel approach by proposing a Hybrid Dense Neural Network-Radial Basis Function Neural Network (DNN-RBFNN) architecture to enhance the accuracy and efficiency of IDS. The hybrid model synergizes the strengths of both dense learning and radial basis function networks, aiming to address the limitations of traditional IDS techniques in classifying packets that could result in Remote-to-local (R2L), Denial of Service (Dos), and User-to-root (U2R) intrusions. 展开更多
关键词 Dense Neural Network (DNN) Radial Basis Function Neural Network (RBFNN) intrusion detection System (ids) Denial of Service (DoS) Remote to Local (R2L) User-to-Root (U2R)
下载PDF
XA-GANomaly: An Explainable Adaptive Semi-Supervised Learning Method for Intrusion Detection Using GANomaly 被引量:2
3
作者 Yuna Han Hangbae Chang 《Computers, Materials & Continua》 SCIE EI 2023年第7期221-237,共17页
Intrusion detection involves identifying unauthorized network activity and recognizing whether the data constitute an abnormal network transmission.Recent research has focused on using semi-supervised learning mechani... Intrusion detection involves identifying unauthorized network activity and recognizing whether the data constitute an abnormal network transmission.Recent research has focused on using semi-supervised learning mechanisms to identify abnormal network traffic to deal with labeled and unlabeled data in the industry.However,real-time training and classifying network traffic pose challenges,as they can lead to the degradation of the overall dataset and difficulties preventing attacks.Additionally,existing semi-supervised learning research might need to analyze the experimental results comprehensively.This paper proposes XA-GANomaly,a novel technique for explainable adaptive semi-supervised learning using GANomaly,an image anomalous detection model that dynamically trains small subsets to these issues.First,this research introduces a deep neural network(DNN)-based GANomaly for semi-supervised learning.Second,this paper presents the proposed adaptive algorithm for the DNN-based GANomaly,which is validated with four subsets of the adaptive dataset.Finally,this study demonstrates a monitoring system that incorporates three explainable techniques—Shapley additive explanations,reconstruction error visualization,and t-distributed stochastic neighbor embedding—to respond effectively to attacks on traffic data at each feature engineering stage,semi-supervised learning,and adaptive learning.Compared to other single-class classification techniques,the proposed DNN-based GANomaly achieves higher scores for Network Security Laboratory-Knowledge Discovery in Databases and UNSW-NB15 datasets at 13%and 8%of F1 scores and 4.17%and 11.51%for accuracy,respectively.Furthermore,experiments of the proposed adaptive learning reveal mostly improved results over the initial values.An analysis and monitoring system based on the combination of the three explainable methodologies is also described.Thus,the proposed method has the potential advantages to be applied in practical industry,and future research will explore handling unbalanced real-time datasets in various scenarios. 展开更多
关键词 intrusion detection system(ids) adaptive learning semi-supervised learning explainable artificial intelligence(XAI) monitoring system
下载PDF
Ensemble-Based Approach for Efficient Intrusion Detection in Network Traffic 被引量:2
4
作者 Ammar Almomani Iman Akour +5 位作者 Ahmed M.Manasrah Omar Almomani Mohammad Alauthman Esra’a Abdullah Amaal Al Shwait Razan Al Sharaa 《Intelligent Automation & Soft Computing》 SCIE 2023年第8期2499-2517,共19页
The exponential growth of Internet and network usage has neces-sitated heightened security measures to protect against data and network breaches.Intrusions,executed through network packets,pose a significant challenge... The exponential growth of Internet and network usage has neces-sitated heightened security measures to protect against data and network breaches.Intrusions,executed through network packets,pose a significant challenge for firewalls to detect and prevent due to the similarity between legit-imate and intrusion traffic.The vast network traffic volume also complicates most network monitoring systems and algorithms.Several intrusion detection methods have been proposed,with machine learning techniques regarded as promising for dealing with these incidents.This study presents an Intrusion Detection System Based on Stacking Ensemble Learning base(Random For-est,Decision Tree,and k-Nearest-Neighbors).The proposed system employs pre-processing techniques to enhance classification efficiency and integrates seven machine learning algorithms.The stacking ensemble technique increases performance by incorporating three base models(Random Forest,Decision Tree,and k-Nearest-Neighbors)and a meta-model represented by the Logistic Regression algorithm.Evaluated using the UNSW-NB15 dataset,the pro-posed IDS gained an accuracy of 96.16%in the training phase and 97.95%in the testing phase,with precision of 97.78%,and 98.40%for taring and testing,respectively.The obtained results demonstrate improvements in other measurement criteria. 展开更多
关键词 intrusion detection system(ids) machine learning techniques stacking ensemble random forest decision tree k-nearest-neighbor
下载PDF
Effective data transmission through energy-efficient clustering and Fuzzy-Based IDS routing approach in WSNs
5
作者 Saziya TABBASSUM Rajesh Kumar PATHAK 《虚拟现实与智能硬件(中英文)》 EI 2024年第1期1-16,共16页
Wireless sensor networks(WSN)gather information and sense information samples in a certain region and communicate these readings to a base station(BS).Energy efficiency is considered a major design issue in the WSNs,a... Wireless sensor networks(WSN)gather information and sense information samples in a certain region and communicate these readings to a base station(BS).Energy efficiency is considered a major design issue in the WSNs,and can be addressed using clustering and routing techniques.Information is sent from the source to the BS via routing procedures.However,these routing protocols must ensure that packets are delivered securely,guaranteeing that neither adversaries nor unauthentic individuals have access to the sent information.Secure data transfer is intended to protect the data from illegal access,damage,or disruption.Thus,in the proposed model,secure data transmission is developed in an energy-effective manner.A low-energy adaptive clustering hierarchy(LEACH)is developed to efficiently transfer the data.For the intrusion detection systems(IDS),Fuzzy logic and artificial neural networks(ANNs)are proposed.Initially,the nodes were randomly placed in the network and initialized to gather information.To ensure fair energy dissipation between the nodes,LEACH randomly chooses cluster heads(CHs)and allocates this role to the various nodes based on a round-robin management mechanism.The intrusion-detection procedure was then utilized to determine whether intruders were present in the network.Within the WSN,a Fuzzy interference rule was utilized to distinguish the malicious nodes from legal nodes.Subsequently,an ANN was employed to distinguish the harmful nodes from suspicious nodes.The effectiveness of the proposed approach was validated using metrics that attained 97%accuracy,97%specificity,and 97%sensitivity of 95%.Thus,it was proved that the LEACH and Fuzzy-based IDS approaches are the best choices for securing data transmission in an energy-efficient manner. 展开更多
关键词 Low energy adaptive clustering hierarchy(LEACH) intrusion detection system(ids) Wireless sensor network(WSN) Fuzzy logic and artificial neural network(ANN)
下载PDF
Multi-Zone-Wise Blockchain Based Intrusion Detection and Prevention System for IoT Environment
6
作者 Salaheddine Kably Tajeddine Benbarrad +1 位作者 Nabih Alaoui Mounir Arioua 《Computers, Materials & Continua》 SCIE EI 2023年第1期253-278,共26页
Blockchain merges technology with the Internet of Things(IoT)for addressing security and privacy-related issues.However,conventional blockchain suffers from scalability issues due to its linear structure,which increas... Blockchain merges technology with the Internet of Things(IoT)for addressing security and privacy-related issues.However,conventional blockchain suffers from scalability issues due to its linear structure,which increases the storage overhead,and Intrusion detection performed was limited with attack severity,leading to performance degradation.To overcome these issues,we proposed MZWB(Multi-Zone-Wise Blockchain)model.Initially,all the authenticated IoT nodes in the network ensure their legitimacy by using the Enhanced Blowfish Algorithm(EBA),considering several metrics.Then,the legitimately considered nodes for network construction for managing the network using Bayesian-Direct Acyclic Graph(B-DAG),which considers several metrics.The intrusion detection is performed based on two tiers.In the first tier,a Deep Convolution Neural Network(DCNN)analyzes the data packets by extracting packet flow features to classify the packets as normal,malicious,and suspicious.In the second tier,the suspicious packets are classified as normal or malicious using the Generative Adversarial Network(GAN).Finally,intrusion scenario performed reconstruction to reduce the severity of attacks in which Improved Monkey Optimization(IMO)is used for attack path discovery by considering several metrics,and the Graph cut utilized algorithm for attack scenario reconstruction(ASR).UNSW-NB15 and BoT-IoT utilized datasets for the MZWB method simulated using a Network simulator(NS-3.26).Compared with previous performance metrics such as energy consumption,storage overhead accuracy,response time,attack detection rate,precision,recall,and F-measure.The simulation result shows that the proposed MZWB method achieves high performance than existing works. 展开更多
关键词 IOT multi-zone-wise blockchain intrusion detection and prevention system edge computing network graph construction ids intrusion scenario reconstruction
下载PDF
A Comprehensive Analysis of Datasets for Automotive Intrusion Detection Systems
7
作者 Seyoung Lee Wonsuk Choi +2 位作者 InsupKim Ganggyu Lee Dong Hoon Lee 《Computers, Materials & Continua》 SCIE EI 2023年第9期3413-3442,共30页
Recently,automotive intrusion detection systems(IDSs)have emerged as promising defense approaches to counter attacks on in-vehicle networks(IVNs).However,the effectiveness of IDSs relies heavily on the quality of the ... Recently,automotive intrusion detection systems(IDSs)have emerged as promising defense approaches to counter attacks on in-vehicle networks(IVNs).However,the effectiveness of IDSs relies heavily on the quality of the datasets used for training and evaluation.Despite the availability of several datasets for automotive IDSs,there has been a lack of comprehensive analysis focusing on assessing these datasets.This paper aims to address the need for dataset assessment in the context of automotive IDSs.It proposes qualitative and quantitative metrics that are independent of specific automotive IDSs,to evaluate the quality of datasets.These metrics take into consideration various aspects such as dataset description,collection environment,and attack complexity.This paper evaluates eight commonly used datasets for automotive IDSs using the proposed metrics.The evaluation reveals biases in the datasets,particularly in terms of limited contexts and lack of diversity.Additionally,it highlights that the attacks in the datasets were mostly injected without considering normal behaviors,which poses challenges for training and evaluating machine learning-based IDSs.This paper emphasizes the importance of addressing the identified limitations in existing datasets to improve the performance and adaptability of automotive IDSs.The proposed metrics can serve as valuable guidelines for researchers and practitioners in selecting and constructing high-quality datasets for automotive security applications.Finally,this paper presents the requirements for high-quality datasets,including the need for representativeness,diversity,and balance. 展开更多
关键词 Controller area network(CAN) intrusion detection system(ids) automotive security machine learning(ML) DATASET
下载PDF
Intrusion Detection Using Federated Learning for Computing
8
作者 R.S.Aashmi T.Jaya 《Computer Systems Science & Engineering》 SCIE EI 2023年第5期1295-1308,共14页
The integration of clusters,grids,clouds,edges and other computing platforms result in contemporary technology of jungle computing.This novel technique has the aptitude to tackle high performance computation systems a... The integration of clusters,grids,clouds,edges and other computing platforms result in contemporary technology of jungle computing.This novel technique has the aptitude to tackle high performance computation systems and it manages the usage of all computing platforms at a time.Federated learning is a collaborative machine learning approach without centralized training data.The proposed system effectively detects the intrusion attack without human intervention and subsequently detects anomalous deviations in device communication behavior,potentially caused by malicious adversaries and it can emerge with new and unknown attacks.The main objective is to learn overall behavior of an intruder while performing attacks to the assumed target service.Moreover,the updated system model is send to the centralized server in jungle computing,to detect their pattern.Federated learning greatly helps the machine to study the type of attack from each device and this technique paves a way to complete dominion over all malicious behaviors.In our proposed work,we have implemented an intrusion detection system that has high accuracy,low False Positive Rate(FPR)scalable,and versatile for the jungle computing environment.The execution time taken to complete a round is less than two seconds,with an accuracy rate of 96%. 展开更多
关键词 Jungle computing high performance computation federated learning false positive rate intrusion detection system(ids)
下载PDF
Improved Monarchy Butterfly Optimization Algorithm (IMBO): Intrusion Detection Using Mapreduce Framework Based Optimized ANU-Net
9
作者 Kunda Suresh Babu Yamarthi Narasimha Rao 《Computers, Materials & Continua》 SCIE EI 2023年第6期5887-5909,共23页
The demand for cybersecurity is rising recently due to the rapid improvement of network technologies.As a primary defense mechanism,an intrusion detection system(IDS)was anticipated to adapt and secure com-puting infr... The demand for cybersecurity is rising recently due to the rapid improvement of network technologies.As a primary defense mechanism,an intrusion detection system(IDS)was anticipated to adapt and secure com-puting infrastructures from the constantly evolving,sophisticated threat land-scape.Recently,various deep learning methods have been put forth;however,these methods struggle to recognize all forms of assaults,especially infrequent attacks,because of network traffic imbalances and a shortage of aberrant traffic samples for model training.This work introduces deep learning(DL)based Attention based Nested U-Net(ANU-Net)for intrusion detection to address these issues and enhance detection performance.For this IDS model,the first data preprocessing is carried out in three stages:duplication elimi-nation,label transformation,and data normalization.Then the features are extracted and selected based on the Improved Flower Pollination Algorithm(IFPA).The Improved Monarchy Butterfly Optimization Algorithm(IMBO),a new metaheuristic,is used to modify the hyper-parameters in ANU-Net,effectively increasing the learning rate for spatial-temporal information and resolving the imbalance problem.Through the use of parallel programming,the MapReduce architecture reduces computation complexity while signifi-cantly accelerating processing.Three publicly available data sets were used to evaluate and test the approach.The investigational outcomes suggest that the proposed technique can more efficiently boost the performances of IDS under the scenario of unbalanced data.The proposed method achieves above 98%accuracy and classifies various attacks significantly well compared to other classifiers. 展开更多
关键词 intrusion detection system(ids) attention based nested U-Net
下载PDF
Intrusion Detection Using Ensemble Wrapper Filter Based Feature Selection with Stacking Model
10
作者 D.Karthikeyan V.Mohan Raj +1 位作者 J.Senthilkumar Y.Suresh 《Intelligent Automation & Soft Computing》 SCIE 2023年第1期645-659,共15页
The number of attacks is growing tremendously in tandem with the growth of internet technologies.As a result,protecting the private data from prying eyes has become a critical and tough undertaking.Many intrusion dete... The number of attacks is growing tremendously in tandem with the growth of internet technologies.As a result,protecting the private data from prying eyes has become a critical and tough undertaking.Many intrusion detection solutions have been offered by researchers in order to decrease the effect of these attacks.For attack detection,the prior system has created an SMSRPF(Stacking Model Significant Rule Power Factor)classifier.To provide creative instance detection,the SMSRPF combines the detection of trained classifiers such as DT(Decision Tree)and RF(Random Forest).Nevertheless,it does not generate any accuratefindings that are adequate.The suggested system has built an EWF(Ensemble Wrapper Filter)feature selection with SMSRPF classifier for attack detection so as to overcome this problem.The UNSW-NB15 dataset is used as an input in this proposed research project.Specifically,min–max normalization approach is used to pre-process the incoming data.The feature selection is then carried out using EWF.Based on the selected features,SMSRPF classifiers are utilized to detect the attacks.The SMSRPF is integrated with the trained classi-fiers such as DT and RF to create creative instance detection.After that,the testing data is classified using MCAR(Multi-Class Classification based on Association Rules).The SRPF judges the rules correctly even when the confidence and the lift measures fail.Regarding accuracy,precision,recall,f-measure,computation time,and error,the experimental findings suggest that the new system outperforms the prior systems. 展开更多
关键词 intrusion detection system(ids) ensemble wrapperfilter(EWF) stacking model with significant rule power factor(SMSRPF) classifier
下载PDF
A New Database Intrusion Detection Approach Based on Hybrid Meta-Heuristics 被引量:9
11
作者 Youseef Alotaibi 《Computers, Materials & Continua》 SCIE EI 2021年第2期1879-1895,共17页
A new secured database management system architecture using intrusion detection systems(IDS)is proposed in this paper for organizations with no previous role mapping for users.A simple representation of Structured Que... A new secured database management system architecture using intrusion detection systems(IDS)is proposed in this paper for organizations with no previous role mapping for users.A simple representation of Structured Query Language queries is proposed to easily permit the use of the worked clustering algorithm.A new clustering algorithm that uses a tube search with adaptive memory is applied to database log files to create users’profiles.Then,queries issued for each user are checked against the related user profile using a classifier to determine whether or not each query is malicious.The IDS will stop query execution or report the threat to the responsible person if the query is malicious.A simple classifier based on the Euclidean distance is used and the issued query is transformed to the proposed simple representation using a classifier,where the Euclidean distance between the centers and the profile’s issued query is calculated.A synthetic data set is used for our experimental evaluations.Normal user access behavior in relation to the database is modelled using the data set.The false negative(FN)and false positive(FP)rates are used to compare our proposed algorithm with other methods.The experimental results indicate that our proposed method results in very small FN and FP rates. 展开更多
关键词 Adaptive search memory clustering database management system(DBMS) intrusion detection system(ids) quiplets structured query language(SQL) tube search
下载PDF
AN INTRUSION DETECTION SYSTEM BASED ON EVIDENCE THEORY AND ROUGH SET THEORY 被引量:2
12
作者 Ye Qing Wu Xiaoping Zhang Changhong 《Journal of Electronics(China)》 2009年第6期777-781,共5页
In this paper,we propose a novel Intrusion Detection System (IDS) architecture utilizing both the evidence theory and Rough Set Theory (RST). Evidence theory is an effective tool in dealing with uncertainty question. ... In this paper,we propose a novel Intrusion Detection System (IDS) architecture utilizing both the evidence theory and Rough Set Theory (RST). Evidence theory is an effective tool in dealing with uncertainty question. It relies on the expert knowledge to provide evidences,needing the evidences to be independent,and this make it difficult in application. To solve this problem,a hybrid system of rough sets and evidence theory is proposed. Firstly,simplification are made based on Variable Precision Rough Set (VPRS) conditional entropy. Thus,the Basic Belief Assignment (BBA) for all evidences can be calculated. Secondly,Dempster’s rule of combination is used,and a decision-making is given. In the proposed approach,the difficulties in acquiring the BBAs are solved,the correlativity among the evidences is reduced and the subjectivity of evidences is weakened. An illustrative example in an intrusion detection shows that the two theories combination is feasible and effective. 展开更多
关键词 intrusion detection System (ids Evidence theory Rough Set Theory (RST)
下载PDF
Hybrid Optimization of Support Vector Machine for Intrusion Detection
13
作者 席福利 郁松年 +1 位作者 HAO Wei 《Journal of Donghua University(English Edition)》 EI CAS 2005年第3期51-56,共6页
Support vector machine (SVM) technique has recently become a research focus in intrusion detection field for its better generalization performance when given less priori knowledge than other soft-computing techniques.... Support vector machine (SVM) technique has recently become a research focus in intrusion detection field for its better generalization performance when given less priori knowledge than other soft-computing techniques. But the randomicity of parameter selection in its implement often prevents it achieving expected performance. By utilizing genetic algorithm (GA) to optimize the parameters in data preprocessing and the training model of SVM simultaneously, a hybrid optimization algorithm is proposed in the paper to address this problem. The experimental results demonstrate that it’s an effective method and can improve the performance of SVM-based intrusion detection system further. 展开更多
关键词 intrusion detection system ids) support vector machine SVM) genetic algorithm GA system call trace ξα-estimator sequential minimal optimization(SMO)
下载PDF
False Positive Alerts Reduction by Correlating the Intrusion Detection System Alerts: Investigation Study
14
作者 Homam EI-Taj Omar Abouabdalla Ahmed Manasrah 《通讯和计算机(中英文版)》 2010年第3期25-31,共7页
关键词 入侵检测系统 报警关联 假阳性结果 虚假警报 计算机环境 报警处理 严重程度 研究人员
下载PDF
Intrusion Detection System for PS-Poll DoS Attack in 802.11 Networks Using Real Time Discrete Event System 被引量:5
15
作者 Mayank Agarwal Sanketh Purwar +1 位作者 Santosh Biswas Sukumar Nandi 《IEEE/CAA Journal of Automatica Sinica》 SCIE EI CSCD 2017年第4期792-808,共17页
Wi-Fi devices have limited battery life because of which conserving battery life is imperative. The 802.11 Wi-Fi standard provides power management feature that allows stations(STAs) to enter into sleep state to prese... Wi-Fi devices have limited battery life because of which conserving battery life is imperative. The 802.11 Wi-Fi standard provides power management feature that allows stations(STAs) to enter into sleep state to preserve energy without any frame losses. After the STA wakes up, it sends a null data or PS-Poll frame to retrieve frame(s) buffered by the access point(AP), if any during its sleep period. An attacker can launch a power save denial of service(PS-DoS) attack on the sleeping STA(s) by transmitting a spoofed null data or PS-Poll frame(s) to retrieve the buffered frame(s) of the sleeping STA(s) from the AP causing frame losses for the targeted STA(s). Current approaches to prevent or detect the PS-DoS attack require encryption,change in protocol or installation of proprietary hardware. These solutions suffer from expensive setup, maintenance, scalability and deployment issues. The PS-DoS attack does not differ in semantics or statistics under normal and attack circumstances.So signature and anomaly based intrusion detection system(IDS) are unfit to detect the PS-DoS attack. In this paper we propose a timed IDS based on real time discrete event system(RTDES) for detecting PS-DoS attack. The proposed DES based IDS overcomes the drawbacks of existing systems and detects the PS-DoS attack with high accuracy and detection rate. The correctness of the RTDES based IDS is proved by experimenting all possible attack scenarios. 展开更多
关键词 Fault detection and diagnosis intrusion detection system(ids) null data frame power save attack PS-Poll frame real time discrete event system(DES)
下载PDF
An Intrusion Detection Algorithm Based on Feature Graph 被引量:4
16
作者 Xiang Yu Zhihong Tian +2 位作者 Jing Qiu Shen Su Xiaoran Yan 《Computers, Materials & Continua》 SCIE EI 2019年第7期255-273,共19页
With the development of Information technology and the popularization of Internet,whenever and wherever possible,people can connect to the Internet optionally.Meanwhile,the security of network traffic is threatened by... With the development of Information technology and the popularization of Internet,whenever and wherever possible,people can connect to the Internet optionally.Meanwhile,the security of network traffic is threatened by various of online malicious behaviors.The aim of an intrusion detection system(IDS)is to detect the network behaviors which are diverse and malicious.Since a conventional firewall cannot detect most of the malicious behaviors,such as malicious network traffic or computer abuse,some advanced learning methods are introduced and integrated with intrusion detection approaches in order to improve the performance of detection approaches.However,there are very few related studies focusing on both the effective detection for attacks and the representation for malicious behaviors with graph.In this paper,a novel intrusion detection approach IDBFG(Intrusion Detection Based on Feature Graph)is proposed which first filters normal connections with grid partitions,and then records the patterns of various attacks with a novel graph structure,and the behaviors in accordance with the patterns in graph are detected as intrusion behaviors.The experimental results on KDD-Cup 99 dataset show that IDBFG performs better than SVM(Supprot Vector Machines)and Decision Tree which are trained and tested in original feature space in terms of detection rates,false alarm rates and run time. 展开更多
关键词 intrusion detection machine learning ids feature graph grid partitions
下载PDF
Protecting Against Address Space Layout Randomisation (ASLR) Compromises and Return-to-Libc Attacks Using Network Intrusion Detection Systems 被引量:2
17
作者 David J Day Zheng-Xu Zhao 《International Journal of Automation and computing》 EI 2011年第4期472-483,共12页
Writable XOR executable (W⊕X) and address space layout randomisation (ASLR) have elevated the understanding necessary to perpetrate buffer overflow exploits [1] . However, they have not proved to be a panacea [1 ... Writable XOR executable (W⊕X) and address space layout randomisation (ASLR) have elevated the understanding necessary to perpetrate buffer overflow exploits [1] . However, they have not proved to be a panacea [1 3] , and so other mechanisms, such as stack guards and prelinking, have been introduced. In this paper, we show that host-based protection still does not offer a complete solution. To demonstrate the protection inadequacies, we perform an over the network brute force return-to-libc attack against a preforking concurrent server to gain remote access to a shell. The attack defeats host protection including W⊕X and ASLR. We then demonstrate that deploying a network intrusion detection systems (NIDS) with appropriate signatures can detect this attack efficiently. 展开更多
关键词 Buffer overflow stack overflow intrusion detection systems (ids signature rules return-to-libc attack pre-forking.
下载PDF
Classification Model for IDS Using Auto Cryptographic Denoising Technique
18
作者 N.Karthikeyan P.Sivaprakash S.Karthik 《Computer Systems Science & Engineering》 SCIE EI 2023年第4期671-685,共15页
Intrusion detection systems(IDS)are one of the most promising ways for securing data and networks;In recent decades,IDS has used a variety of categorization algorithms.These classifiers,on the other hand,do not work e... Intrusion detection systems(IDS)are one of the most promising ways for securing data and networks;In recent decades,IDS has used a variety of categorization algorithms.These classifiers,on the other hand,do not work effectively unless they are combined with additional algorithms that can alter the classifier’s parameters or select the optimal sub-set of features for the problem.Optimizers are used in tandem with classifiers to increase the stability and with efficiency of the classifiers in detecting invasion.These algorithms,on the other hand,have a number of limitations,particularly when used to detect new types of threats.In this paper,the NSL KDD dataset and KDD Cup 99 is used to find the performance of the proposed classifier model and compared;These two IDS dataset is preprocessed,then Auto Cryptographic Denoising(ACD)adopted to remove noise in the feature of the IDS dataset;the classifier algorithms,K-Means and Neural network classifies the dataset with adam optimizer.IDS classifier is evaluated by measuring performance measures like f-measure,recall,precision,detection rate and accuracy.The neural network obtained the highest classifying accuracy as 91.12%with drop-out function that shows the efficiency of the classifier model with drop-out function for KDD Cup99 dataset.Explaining their power and limitations in the proposed methodology that could be used in future works in the IDS area. 展开更多
关键词 Auto cryptographic denoising(ACD) classifier intrusion detection system(ids) OPTIMIZER performance measures
下载PDF
An Intrusion Detection Algorithm for Wireless Networks Based on ASDL 被引量:1
19
作者 Weijun Zhu Miaolei Deng Qinglei Zhou 《IEEE/CAA Journal of Automatica Sinica》 SCIE EI CSCD 2018年第1期92-107,共16页
Wireless networks are more vulnerable to cyberattacks than cable networks. Compared with the misuse intrusion detection techniques based on pattern matching, the techniques based on model checking(MC) have a series of... Wireless networks are more vulnerable to cyberattacks than cable networks. Compared with the misuse intrusion detection techniques based on pattern matching, the techniques based on model checking(MC) have a series of comparative advantages. However, the temporal logics employed in the existing latter techniques cannot express conveniently the complex attacks with synchronization phenomenon. To address this problem, we formalize a novel temporal logic language called attack signature description language(ASDL). On the basis of it, we put forward an ASDL model checking algorithm. Furthermore, we use ASDL programs, which can be considered as temporal logic formulas,to describe attack signatures, and employ other ASDL programs to create an audit log. As a result, the ASDL model checking algorithm can be presented for automatically verifying whether or not the latter programs satisfy the formulas, that is, whether or not the audit log coincides with the attack signatures. Thus,an intrusion detection algorithm based on ASDL is obtained. The case studies and simulations show that the new method can find coordinated chop-chop attacks. 展开更多
关键词 Attack signature description language(ASDL) intrusion detection(id) model checking(MC) temporal logic
下载PDF
A High-level Architecture for Intrusion Detection on Heterogeneous Wireless Sensor Networks: Hierarchical, Scalable and Dynamic Reconfigurable 被引量:2
20
作者 Hossein Jadidoleslamy 《Wireless Sensor Network》 2011年第7期241-261,共21页
Networks protection against different types of attacks is one of most important posed issue into the network and information security domains. This problem on Wireless Sensor Networks (WSNs), in attention to their spe... Networks protection against different types of attacks is one of most important posed issue into the network and information security domains. This problem on Wireless Sensor Networks (WSNs), in attention to their special properties, has more importance. Now, there are some of proposed solutions to protect Wireless Sensor Networks (WSNs) against different types of intrusions;but no one of them has a comprehensive view to this problem and they are usually designed in single-purpose;but, the proposed design in this paper has been a comprehensive view to this issue by presenting a complete Intrusion Detection Architecture (IDA). The main contribution of this architecture is its hierarchical structure;i.e. it is designed and applicable, in one, two or three levels, consistent to the application domain and its required security level. Focus of this paper is on the clustering WSNs, designing and deploying Sensor-based Intrusion Detection System (SIDS) on sensor nodes, Cluster-based Intrusion Detection System (CIDS) on cluster-heads and Wireless Sensor Network wide level Intrusion Detection System (WSNIDS) on the central server. Suppositions of the WSN and Intrusion Detection Architecture (IDA) are: static and heterogeneous network, hierarchical, distributed and clustering structure along with clusters' overlapping. Finally, this paper has been designed a questionnaire to verify the proposed idea;then it analyzed and evaluated the acquired results from the questionnaires. 展开更多
关键词 Wireless Sensor Network (WSN) Security intrusion detectION System (ids) HIERARCHICAL Distributed SCALABLE DYNAMIC RECONFIGURABLE Attack detection.
下载PDF
上一页 1 2 27 下一页 到第
使用帮助 返回顶部