期刊文献+
共找到12篇文章
< 1 >
每页显示 20 50 100
Protecting Against Address Space Layout Randomisation (ASLR) Compromises and Return-to-Libc Attacks Using Network Intrusion Detection Systems 被引量:2
1
作者 David J Day Zheng-Xu Zhao 《International Journal of Automation and computing》 EI 2011年第4期472-483,共12页
Writable XOR executable (W⊕X) and address space layout randomisation (ASLR) have elevated the understanding necessary to perpetrate buffer overflow exploits [1] . However, they have not proved to be a panacea [1 ... Writable XOR executable (W⊕X) and address space layout randomisation (ASLR) have elevated the understanding necessary to perpetrate buffer overflow exploits [1] . However, they have not proved to be a panacea [1 3] , and so other mechanisms, such as stack guards and prelinking, have been introduced. In this paper, we show that host-based protection still does not offer a complete solution. To demonstrate the protection inadequacies, we perform an over the network brute force return-to-libc attack against a preforking concurrent server to gain remote access to a shell. The attack defeats host protection including W⊕X and ASLR. We then demonstrate that deploying a network intrusion detection systems (NIDS) with appropriate signatures can detect this attack efficiently. 展开更多
关键词 Buffer overflow stack overflow intrusion detection systems (IDS) signature rules return-to-libc attack pre-forking.
下载PDF
Intrusion Detection Systems in Internet of Things and Mobile Ad-Hoc Networks 被引量:2
2
作者 Vasaki Ponnusamy Mamoona Humayun +2 位作者 NZJhanjhi Aun Yichiet Maram Fahhad Almufareh 《Computer Systems Science & Engineering》 SCIE EI 2022年第3期1199-1215,共17页
Internet of Things(IoT)devices work mainly in wireless mediums;requiring different Intrusion Detection System(IDS)kind of solutions to leverage 802.11 header information for intrusion detection.Wireless-specific traff... Internet of Things(IoT)devices work mainly in wireless mediums;requiring different Intrusion Detection System(IDS)kind of solutions to leverage 802.11 header information for intrusion detection.Wireless-specific traffic features with high information gain are primarily found in data link layers rather than application layers in wired networks.This survey investigates some of the complexities and challenges in deploying wireless IDS in terms of data collection methods,IDS techniques,IDS placement strategies,and traffic data analysis techniques.This paper’s main finding highlights the lack of available network traces for training modern machine-learning models against IoT specific intrusions.Specifically,the Knowledge Discovery in Databases(KDD)Cup dataset is reviewed to highlight the design challenges of wireless intrusion detection based on current data attributes and proposed several guidelines to future-proof following traffic capture methods in the wireless network(WN).The paper starts with a review of various intrusion detection techniques,data collection methods and placement methods.The main goal of this paper is to study the design challenges of deploying intrusion detection system in a wireless environment.Intrusion detection system deployment in a wireless environment is not as straightforward as in the wired network environment due to the architectural complexities.So this paper reviews the traditional wired intrusion detection deployment methods and discusses how these techniques could be adopted into the wireless environment and also highlights the design challenges in the wireless environment.The main wireless environments to look into would be Wireless Sensor Networks(WSN),Mobile Ad Hoc Networks(MANET)and IoT as this are the future trends and a lot of attacks have been targeted into these networks.So it is very crucial to design an IDS specifically to target on the wireless networks. 展开更多
关键词 Internet of Things MANET intrusion detection systems wireless networks
下载PDF
Cyber Security Analysis and Evaluation for Intrusion Detection Systems 被引量:1
3
作者 Yoosef B.Abushark Asif Irshad Khan +5 位作者 Fawaz Alsolami Abdulmohsen Almalawi Md Mottahir Alam Alka Agrawal Rajeev Kumar Raees Ahmad Khan 《Computers, Materials & Continua》 SCIE EI 2022年第7期1765-1783,共19页
Machine learning is a technique that is widely employed in both the academic and industrial sectors all over the world.Machine learning algorithms that are intuitive can analyse risks and respond swiftly to breaches a... Machine learning is a technique that is widely employed in both the academic and industrial sectors all over the world.Machine learning algorithms that are intuitive can analyse risks and respond swiftly to breaches and security issues.It is crucial in offering a proactive security system in the field of cybersecurity.In real time,cybersecurity protects information,information systems,and networks from intruders.In the recent decade,several assessments on security and privacy estimates have noted a rapid growth in both the incidence and quantity of cybersecurity breaches.At an increasing rate,intruders are breaching information security.Anomaly detection,software vulnerability diagnosis,phishing page identification,denial of service assaults,and malware identification are the foremost cyber-security concerns that require efficient clarifications.Practitioners have tried a variety of approaches to address the present cybersecurity obstacles and concerns.In a similar vein,the goal of this research is to assess the idealness of machine learning-based intrusion detection systems under fuzzy conditions using a Multi-Criteria Decision Making(MCDM)-based Analytical Hierarchy Process(AHP)and a Technique for Order of Preference by Similarity to Ideal-Solutions(TOPSIS).Fuzzy sets are ideal for dealing with decision-making scenarios in which experts are unsure of the best course of action.The projected work would support practitioners in identifying,prioritising,and selecting cybersecurityrelated attributes for intrusion detection systems,allowing them to design more optimal and effective intrusion detection systems. 展开更多
关键词 CYBERSECURITY machine learning AHP-TOPSIS fuzzy logic intrusion detection systems
下载PDF
Intrusion detection systems for wireless sensor networks using computational intelligence techniques 被引量:1
4
作者 Vaishnavi Sivagaminathan Manmohan Sharma Santosh Kumar Henge 《Cybersecurity》 EI CSCD 2024年第2期81-95,共15页
Network Intrusion Detection Systems(NIDS)are utilized to find hostile network connections.This can be accom-plished by looking at traffic network activity,but it takes a lot of work.The NIDS heavily utilizes approache... Network Intrusion Detection Systems(NIDS)are utilized to find hostile network connections.This can be accom-plished by looking at traffic network activity,but it takes a lot of work.The NIDS heavily utilizes approaches for data extraction and machine learning to find anomalies.In terms of feature selection,NIDS is far more effective.This is accurate since anomaly identification uses a number of time-consuming features.Because of this,the feature selec-tion method influences how long it takes to analyze movement patterns and how clear it is.The goal of the study is to provide NIDS with an attribute selection approach.PSO has been used for that purpose.The Network Intrusion Detection System that is being developed will be able to identify any malicious activity in the network or any unusual behavior in the network,allowing the identification of the illegal activities and safeguarding the enormous amounts of confidential data belonging to the customers from being compromised.In the research,datasets were produced utilising both a network infrastructure and a simulation network.Wireshark is used to gather data packets whereas Cisco Packet Tracer is used to build a network in a simulated environment.Additionally,a physical network consisting of six node MCUs connected to a laptop and a mobile hotspot,has been built and communication packets are being recorded using the Wireshark tool.To train several machine learning models,all the datasets that were gatheredcre-ated datasets from our own studies as well as some common datasets like NSDL and UNSW acquired from Kaggle-were employed.Additionally,PsO,which is an optimization method,has been used with these ML algorithms for feature selection.In the research,KNN,decision trees,and ANN have all been combined with PSO for a specific case study.And it was found demonstrated the classification methods PSO+ANN outperformed PSO+KNN and PSO+DT in this case study. 展开更多
关键词 Network intrusion detection systems(NIDS) Cisco packet tracer Wireshark tool Machine learning PSO CYBERSECURITY Optimization
原文传递
A Review of Generative Adversarial Networks for Intrusion Detection Systems: Advances, Challenges, and Future Directions
5
作者 Monirah Al-Ajlan Mourad Ykhlef 《Computers, Materials & Continua》 SCIE EI 2024年第11期2053-2076,共24页
The ever-growing network traffic threat landscape necessitates adopting accurate and robust intrusion detection systems(IDSs).IDSs have become a research hotspot and have seen remarkable performance improvements.Gener... The ever-growing network traffic threat landscape necessitates adopting accurate and robust intrusion detection systems(IDSs).IDSs have become a research hotspot and have seen remarkable performance improvements.Generative adversarial networks(GANs)have also garnered increasing research interest recently due to their remarkable ability to generate data.This paper investigates the application of(GANs)in(IDS)and explores their current use within this research field.We delve into the adoption of GANs within signature-based,anomaly-based,and hybrid IDSs,focusing on their objectives,methodologies,and advantages.Overall,GANs have been widely employed,mainly focused on solving the class imbalance issue by generating realistic attack samples.While GANs have shown significant potential in addressing the class imbalance issue,there are still open opportunities and challenges to be addressed.Little attention has been paid to their applicability in distributed and decentralized domains,such as IoT networks.Efficiency and scalability have been mostly overlooked,and thus,future works must aim at addressing these gaps. 展开更多
关键词 intrusion detection systems network security generative networks deep learning dataset
下载PDF
A Novel MegaBAT Optimized Intelligent Intrusion Detection System in Wireless Sensor Networks 被引量:1
6
作者 G.Nagalalli GRavi 《Intelligent Automation & Soft Computing》 SCIE 2023年第1期475-490,共16页
Wireless Sensor Network(WSN),whichfinds as one of the major components of modern electronic and wireless systems.A WSN consists of numerous sensor nodes for the discovery of sensor networks to leverage features like d... Wireless Sensor Network(WSN),whichfinds as one of the major components of modern electronic and wireless systems.A WSN consists of numerous sensor nodes for the discovery of sensor networks to leverage features like data sensing,data processing,and communication.In thefield of medical health care,these network plays a very vital role in transmitting highly sensitive data from different geographic regions and collecting this information by the respective network.But the fear of different attacks on health care data typically increases day by day.In a very short period,these attacks may cause adversarial effects to the WSN nodes.Furthermore,the existing Intrusion Detection System(IDS)suffers from the drawbacks of limited resources,low detection rate,and high computational overhead and also increases the false alarm rates in detecting the different attacks.Given the above-mentioned problems,this paper proposes the novel MegaBAT optimized Long Short Term Memory(MBOLT)-IDS for WSNs for the effective detection of different attacks.In the proposed framework,hyperpara-meters of deep Long Short-Term Memory(LSTM)were optimized by the meta-heuristic megabat algorithm to obtain a low computational overhead and high performance.The experimentations have been carried out using(Wireless Sensor NetworkDetection System)WSN-DS datasets and performance metrics such as accuracy,recall,precision,specificity,and F1-score are calculated and compared with the other existing intelligent IDS.The proposed framework provides outstanding results in detecting the black hole,gray hole,scheduling,flooding attacks and significantly reduces the time complexity,which makes this system suitable for resource-constraint WSNs. 展开更多
关键词 Wireless sensor network intrusion detection systems long short term memory megabat optimization
下载PDF
Multi-Attack Intrusion Detection System for Software-Defined Internet of Things Network
7
作者 Tarcizio Ferrao Franklin Manene Adeyemi Abel Ajibesin 《Computers, Materials & Continua》 SCIE EI 2023年第6期4985-5007,共23页
Currently,the Internet of Things(IoT)is revolutionizing communi-cation technology by facilitating the sharing of information between different physical devices connected to a network.To improve control,customization,f... Currently,the Internet of Things(IoT)is revolutionizing communi-cation technology by facilitating the sharing of information between different physical devices connected to a network.To improve control,customization,flexibility,and reduce network maintenance costs,a new Software-Defined Network(SDN)technology must be used in this infrastructure.Despite the various advantages of combining SDN and IoT,this environment is more vulnerable to various attacks due to the centralization of control.Most methods to ensure IoT security are designed to detect Distributed Denial-of-Service(DDoS)attacks,but they often lack mechanisms to mitigate their severity.This paper proposes a Multi-Attack Intrusion Detection System(MAIDS)for Software-Defined IoT Networks(SDN-IoT).The proposed scheme uses two machine-learning algorithms to improve detection efficiency and provide a mechanism to prevent false alarms.First,a comparative analysis of the most commonly used machine-learning algorithms to secure the SDN was performed on two datasets:the Network Security Laboratory Knowledge Discovery in Databases(NSL-KDD)and the Canadian Institute for Cyberse-curity Intrusion Detection Systems(CICIDS2017),to select the most suitable algorithms for the proposed scheme and for securing SDN-IoT systems.The algorithms evaluated include Extreme Gradient Boosting(XGBoost),K-Nearest Neighbor(KNN),Random Forest(RF),Support Vector Machine(SVM),and Logistic Regression(LR).Second,an algorithm for selecting the best dataset for machine learning in Intrusion Detection Systems(IDS)was developed to enable effective comparison between the datasets used in the development of the security scheme.The results showed that XGBoost and RF are the best algorithms to ensure the security of SDN-IoT and to be applied in the proposed security system,with average accuracies of 99.88%and 99.89%,respectively.Furthermore,the proposed security scheme reduced the false alarm rate by 33.23%,which is a significant improvement over prevalent schemes.Finally,tests of the algorithm for dataset selection showed that the rates of false positives and false negatives were reduced when the XGBoost and RF algorithms were trained on the CICIDS2017 dataset,making it the best for IDS compared to the NSL-KDD dataset. 展开更多
关键词 Dataset selection false alarm intrusion detection systems IoT security machine learning SDN-IoT security software-defined networks
下载PDF
Optimization of Stealthwatch Network Security System for the Detection and Mitigation of Distributed Denial of Service (DDoS) Attack: Application to Smart Grid System
8
作者 Emmanuel S. Kolawole Penrose S. Cofie +4 位作者 John H. Fuller Cajetan M. Akujuobi Emmanuel A. Dada Justin F. Foreman Pamela H. Obiomon 《Communications and Network》 2024年第3期108-134,共27页
The Smart Grid is an enhancement of the traditional grid system and employs new technologies and sophisticated communication techniques for electrical power transmission and distribution. The Smart Grid’s communicati... The Smart Grid is an enhancement of the traditional grid system and employs new technologies and sophisticated communication techniques for electrical power transmission and distribution. The Smart Grid’s communication network shares information about status of its several integrated IEDs (Intelligent Electronic Devices). However, the IEDs connected throughout the Smart Grid, open opportunities for attackers to interfere with the communications and utilities resources or take clients’ private data. This development has introduced new cyber-security challenges for the Smart Grid and is a very concerning issue because of emerging cyber-threats and security incidents that have occurred recently all over the world. The purpose of this research is to detect and mitigate Distributed Denial of Service [DDoS] with application to the Electrical Smart Grid System by deploying an optimized Stealthwatch Secure Network analytics tool. In this paper, the DDoS attack in the Smart Grid communication networks was modeled using Stealthwatch tool. The simulated network consisted of Secure Network Analytic tools virtual machines (VMs), electrical Grid network communication topology, attackers and Target VMs. Finally, the experiments and simulations were performed, and the research results showed that Stealthwatch analytic tool is very effective in detecting and mitigating DDoS attacks in the Smart Grid System without causing any blackout or shutdown of any internal systems as compared to other tools such as GNS3, NeSSi2, NISST Framework, OMNeT++, INET Framework, ReaSE, NS2, NS3, M5 Simulator, OPNET, PLC & TIA Portal management Software which do not have the capability to do so. Also, using Stealthwatch tool to create a security baseline for Smart Grid environment, contributes to risk mitigation and sound security hygiene. 展开更多
关键词 Smart Grid System Distributed Denial of Service (DDoS) Attack intrusion detection and Prevention systems detection Mitigation and Stealthwatch
下载PDF
Applying Stack Bidirectional LSTM Model to Intrusion Detection 被引量:5
9
作者 Ziyong Ran Desheng Zheng +1 位作者 Yanling Lai Lulu Tian 《Computers, Materials & Continua》 SCIE EI 2020年第10期309-320,共12页
Nowadays,Internet has become an indispensable part of daily life and is used in many fields.Due to the large amount of Internet traffic,computers are subject to various security threats,which may cause serious economi... Nowadays,Internet has become an indispensable part of daily life and is used in many fields.Due to the large amount of Internet traffic,computers are subject to various security threats,which may cause serious economic losses and even endanger national security.It is hoped that an effective security method can systematically classify intrusion data in order to avoid leakage of important data or misuse of data.As machine learning technology matures,deep learning is widely used in various industries.Combining deep learning with network security and intrusion detection is the current trend.In this paper,the problem of data classification in intrusion detection system is studied.We propose an intrusion detection model based on stack bidirectional long short-term memory(LSTM),introduce stack bidirectional LSTM into the field of intrusion detection and apply it to the intrusion detection.In order to determine the appropriate parameters and structure of stack bidirectional LSTM network,we have carried out experiments on various network structures and parameters and analyzed the experimental results.The classic KDD Cup’1999 dataset was selected for experiments so that we can obtain convincing and comparable results.Experimental results derived from the KDD Cup’1999 dataset show that the network with three hidden layers containing 80 LSTM cells is superior to other algorithms in computational cost and detection performance due to stack bidirectional LSTM model’s ability to review time and correlate with connected records continuously.The experiment shows the effectiveness of stack bidirectional LSTM network in intrusion detection. 展开更多
关键词 Stack bidirectional LSTM KDD Cup’1999 intrusion detection systems machine learning recurrent neural network
下载PDF
Detection of Abnormal Network Traffic Using Bidirectional Long Short-Term Memory
10
作者 Nga Nguyen Thi Thanh Quang H.Nguyen 《Computer Systems Science & Engineering》 SCIE EI 2023年第7期491-504,共14页
Nowadays,web systems and servers are constantly at great risk from cyberattacks.This paper proposes a novel approach to detecting abnormal network traffic using a bidirectional long short-term memory(LSTM)network in c... Nowadays,web systems and servers are constantly at great risk from cyberattacks.This paper proposes a novel approach to detecting abnormal network traffic using a bidirectional long short-term memory(LSTM)network in combination with the ensemble learning technique.First,the binary classification module was used to detect the current abnormal flow.Then,the abnormal flows were fed into the multilayer classification module to identify the specific type of flow.In this research,a deep learning bidirectional LSTM model,in combination with the convolutional neural network and attention technique,was deployed to identify a specific attack.To solve the real-time intrusion-detecting problem,a stacking ensemble-learning model was deployed to detect abnormal intrusion before being transferred to the attack classification module.The class-weight technique was applied to overcome the data imbalance between the attack layers.The results showed that our approach gained good performance and the F1 accuracy on the CICIDS2017 data set reached 99.97%,which is higher than the results obtained in other research. 展开更多
关键词 intrusion detection systems abnormal network traffics bi-directional lstm convolutional neural network ensemble learning
下载PDF
Beyond Defense: Proactive Approaches to Disaster Recovery and Threat Intelligence in Modern Enterprises
11
作者 Meysam Tahmasebi 《Journal of Information Security》 2024年第2期106-133,共28页
As cyber threats keep changing and business environments adapt, a comprehensive approach to disaster recovery involves more than just defensive measures. This research delves deep into the strategies required to respo... As cyber threats keep changing and business environments adapt, a comprehensive approach to disaster recovery involves more than just defensive measures. This research delves deep into the strategies required to respond to threats and anticipate and mitigate them proactively. Beginning with understanding the critical need for a layered defense and the intricacies of the attacker’s journey, the research offers insights into specialized defense techniques, emphasizing the importance of timely and strategic responses during incidents. Risk management is brought to the forefront, underscoring businesses’ need to adopt mature risk assessment practices and understand the potential risk impact areas. Additionally, the value of threat intelligence is explored, shedding light on the importance of active engagement within sharing communities and the vigilant observation of adversary motivations. “Beyond Defense: Proactive Approaches to Disaster Recovery and Threat Intelligence in Modern Enterprises” is a comprehensive guide for organizations aiming to fortify their cybersecurity posture, marrying best practices in proactive and reactive measures in the ever-challenging digital realm. 展开更多
关键词 Advanced Persistent Threats (APT) Attack Phases Attack Surface DEFENSE-IN-DEPTH Disaster Recovery (DR) Incident Response Plan (IRP) intrusion detection systems (IDS) intrusion Prevention System (IPS) Key Risk Indicator (KRI) Layered Defense Lockheed Martin Kill Chain Proactive Defense Redundancy Risk Management Threat Intelligence
下载PDF
Adaptive Cyber Defense Technique Based on Multiagent Reinforcement Learning Strategies
12
作者 Adel Alshamrani Abdullah Alshahrani 《Intelligent Automation & Soft Computing》 SCIE 2023年第6期2757-2771,共15页
The static nature of cyber defense systems gives attackers a sufficient amount of time to explore and further exploit the vulnerabilities of information technology systems.In this paper,we investigate a problem where ... The static nature of cyber defense systems gives attackers a sufficient amount of time to explore and further exploit the vulnerabilities of information technology systems.In this paper,we investigate a problem where multiagent sys-tems sensing and acting in an environment contribute to adaptive cyber defense.We present a learning strategy that enables multiple agents to learn optimal poli-cies using multiagent reinforcement learning(MARL).Our proposed approach is inspired by the multiarmed bandits(MAB)learning technique for multiple agents to cooperate in decision making or to work independently.We study a MAB approach in which defenders visit a system multiple times in an alternating fash-ion to maximize their rewards and protect their system.We find that this game can be modeled from an individual player’s perspective as a restless MAB problem.We discover further results when the MAB takes the form of a pure birth process,such as a myopic optimal policy,as well as providing environments that offer the necessary incentives required for cooperation in multiplayer projects. 展开更多
关键词 Multiarmed bandits reinforcement learning MULTIAGENTS intrusion detection systems
下载PDF
上一页 1 下一页 到第
使用帮助 返回顶部