期刊文献+
共找到2,249篇文章
< 1 2 113 >
每页显示 20 50 100
A Review of Generative Adversarial Networks for Intrusion Detection Systems: Advances, Challenges, and Future Directions
1
作者 Monirah Al-Ajlan Mourad Ykhlef 《Computers, Materials & Continua》 SCIE EI 2024年第11期2053-2076,共24页
The ever-growing network traffic threat landscape necessitates adopting accurate and robust intrusion detection systems(IDSs).IDSs have become a research hotspot and have seen remarkable performance improvements.Gener... The ever-growing network traffic threat landscape necessitates adopting accurate and robust intrusion detection systems(IDSs).IDSs have become a research hotspot and have seen remarkable performance improvements.Generative adversarial networks(GANs)have also garnered increasing research interest recently due to their remarkable ability to generate data.This paper investigates the application of(GANs)in(IDS)and explores their current use within this research field.We delve into the adoption of GANs within signature-based,anomaly-based,and hybrid IDSs,focusing on their objectives,methodologies,and advantages.Overall,GANs have been widely employed,mainly focused on solving the class imbalance issue by generating realistic attack samples.While GANs have shown significant potential in addressing the class imbalance issue,there are still open opportunities and challenges to be addressed.Little attention has been paid to their applicability in distributed and decentralized domains,such as IoT networks.Efficiency and scalability have been mostly overlooked,and thus,future works must aim at addressing these gaps. 展开更多
关键词 intrusion detection systems network security generative networks deep learning DATASET
下载PDF
CNN Channel Attention Intrusion Detection SystemUsing NSL-KDD Dataset
2
作者 Fatma S.Alrayes Mohammed Zakariah +2 位作者 Syed Umar Amin Zafar Iqbal Khan Jehad Saad Alqurni 《Computers, Materials & Continua》 SCIE EI 2024年第6期4319-4347,共29页
Intrusion detection systems(IDS)are essential in the field of cybersecurity because they protect networks from a wide range of online threats.The goal of this research is to meet the urgent need for small-footprint,hi... Intrusion detection systems(IDS)are essential in the field of cybersecurity because they protect networks from a wide range of online threats.The goal of this research is to meet the urgent need for small-footprint,highly-adaptable Network Intrusion Detection Systems(NIDS)that can identify anomalies.The NSL-KDD dataset is used in the study;it is a sizable collection comprising 43 variables with the label’s“attack”and“level.”It proposes a novel approach to intrusion detection based on the combination of channel attention and convolutional neural networks(CNN).Furthermore,this dataset makes it easier to conduct a thorough assessment of the suggested intrusion detection strategy.Furthermore,maintaining operating efficiency while improving detection accuracy is the primary goal of this work.Moreover,typical NIDS examines both risky and typical behavior using a variety of techniques.On the NSL-KDD dataset,our CNN-based approach achieves an astounding 99.728%accuracy rate when paired with channel attention.Compared to previous approaches such as ensemble learning,CNN,RBM(Boltzmann machine),ANN,hybrid auto-encoders with CNN,MCNN,and ANN,and adaptive algorithms,our solution significantly improves intrusion detection performance.Moreover,the results highlight the effectiveness of our suggested method in improving intrusion detection precision,signifying a noteworthy advancement in this field.Subsequent efforts will focus on strengthening and expanding our approach in order to counteract growing cyberthreats and adjust to changing network circumstances. 展开更多
关键词 intrusion detection system(ids) NSL-KDD dataset deep-learning MACHINE-LEARNING CNN channel Attention network security
下载PDF
A Comprehensive Analysis of Datasets for Automotive Intrusion Detection Systems
3
作者 Seyoung Lee Wonsuk Choi +2 位作者 InsupKim Ganggyu Lee Dong Hoon Lee 《Computers, Materials & Continua》 SCIE EI 2023年第9期3413-3442,共30页
Recently,automotive intrusion detection systems(IDSs)have emerged as promising defense approaches to counter attacks on in-vehicle networks(IVNs).However,the effectiveness of IDSs relies heavily on the quality of the ... Recently,automotive intrusion detection systems(IDSs)have emerged as promising defense approaches to counter attacks on in-vehicle networks(IVNs).However,the effectiveness of IDSs relies heavily on the quality of the datasets used for training and evaluation.Despite the availability of several datasets for automotive IDSs,there has been a lack of comprehensive analysis focusing on assessing these datasets.This paper aims to address the need for dataset assessment in the context of automotive IDSs.It proposes qualitative and quantitative metrics that are independent of specific automotive IDSs,to evaluate the quality of datasets.These metrics take into consideration various aspects such as dataset description,collection environment,and attack complexity.This paper evaluates eight commonly used datasets for automotive IDSs using the proposed metrics.The evaluation reveals biases in the datasets,particularly in terms of limited contexts and lack of diversity.Additionally,it highlights that the attacks in the datasets were mostly injected without considering normal behaviors,which poses challenges for training and evaluating machine learning-based IDSs.This paper emphasizes the importance of addressing the identified limitations in existing datasets to improve the performance and adaptability of automotive IDSs.The proposed metrics can serve as valuable guidelines for researchers and practitioners in selecting and constructing high-quality datasets for automotive security applications.Finally,this paper presents the requirements for high-quality datasets,including the need for representativeness,diversity,and balance. 展开更多
关键词 Controller area network(CAN) intrusion detection system(ids) automotive security machine learning(ML) DATASET
下载PDF
A Hybrid DNN-RBFNN Model for Intrusion Detection System
4
作者 Wafula Maurice Oboya Anthony Waititu Gichuhi Anthony Wanjoya 《Journal of Data Analysis and Information Processing》 2023年第4期371-387,共17页
Intrusion Detection Systems (IDS) are pivotal in safeguarding computer networks from malicious activities. This study presents a novel approach by proposing a Hybrid Dense Neural Network-Radial Basis Function Neural N... Intrusion Detection Systems (IDS) are pivotal in safeguarding computer networks from malicious activities. This study presents a novel approach by proposing a Hybrid Dense Neural Network-Radial Basis Function Neural Network (DNN-RBFNN) architecture to enhance the accuracy and efficiency of IDS. The hybrid model synergizes the strengths of both dense learning and radial basis function networks, aiming to address the limitations of traditional IDS techniques in classifying packets that could result in Remote-to-local (R2L), Denial of Service (Dos), and User-to-root (U2R) intrusions. 展开更多
关键词 Dense Neural Network (DNN) Radial Basis Function Neural Network (RBFNN) intrusion detection system (ids) Denial of Service (DoS) Remote to Local (R2L) User-to-Root (U2R)
下载PDF
Optimization of Stealthwatch Network Security System for the Detection and Mitigation of Distributed Denial of Service (DDoS) Attack: Application to Smart Grid System
5
作者 Emmanuel S. Kolawole Penrose S. Cofie +4 位作者 John H. Fuller Cajetan M. Akujuobi Emmanuel A. Dada Justin F. Foreman Pamela H. Obiomon 《Communications and Network》 2024年第3期108-134,共27页
The Smart Grid is an enhancement of the traditional grid system and employs new technologies and sophisticated communication techniques for electrical power transmission and distribution. The Smart Grid’s communicati... The Smart Grid is an enhancement of the traditional grid system and employs new technologies and sophisticated communication techniques for electrical power transmission and distribution. The Smart Grid’s communication network shares information about status of its several integrated IEDs (Intelligent Electronic Devices). However, the IEDs connected throughout the Smart Grid, open opportunities for attackers to interfere with the communications and utilities resources or take clients’ private data. This development has introduced new cyber-security challenges for the Smart Grid and is a very concerning issue because of emerging cyber-threats and security incidents that have occurred recently all over the world. The purpose of this research is to detect and mitigate Distributed Denial of Service [DDoS] with application to the Electrical Smart Grid System by deploying an optimized Stealthwatch Secure Network analytics tool. In this paper, the DDoS attack in the Smart Grid communication networks was modeled using Stealthwatch tool. The simulated network consisted of Secure Network Analytic tools virtual machines (VMs), electrical Grid network communication topology, attackers and Target VMs. Finally, the experiments and simulations were performed, and the research results showed that Stealthwatch analytic tool is very effective in detecting and mitigating DDoS attacks in the Smart Grid System without causing any blackout or shutdown of any internal systems as compared to other tools such as GNS3, NeSSi2, NISST Framework, OMNeT++, INET Framework, ReaSE, NS2, NS3, M5 Simulator, OPNET, PLC & TIA Portal management Software which do not have the capability to do so. Also, using Stealthwatch tool to create a security baseline for Smart Grid environment, contributes to risk mitigation and sound security hygiene. 展开更多
关键词 Smart Grid system Distributed Denial of Service (DDoS) Attack intrusion detection and Prevention systems detection Mitigation and Stealthwatch
下载PDF
A Novel MegaBAT Optimized Intelligent Intrusion Detection System in Wireless Sensor Networks 被引量:1
6
作者 G.Nagalalli GRavi 《Intelligent Automation & Soft Computing》 SCIE 2023年第1期475-490,共16页
Wireless Sensor Network(WSN),whichfinds as one of the major components of modern electronic and wireless systems.A WSN consists of numerous sensor nodes for the discovery of sensor networks to leverage features like d... Wireless Sensor Network(WSN),whichfinds as one of the major components of modern electronic and wireless systems.A WSN consists of numerous sensor nodes for the discovery of sensor networks to leverage features like data sensing,data processing,and communication.In thefield of medical health care,these network plays a very vital role in transmitting highly sensitive data from different geographic regions and collecting this information by the respective network.But the fear of different attacks on health care data typically increases day by day.In a very short period,these attacks may cause adversarial effects to the WSN nodes.Furthermore,the existing Intrusion Detection System(IDS)suffers from the drawbacks of limited resources,low detection rate,and high computational overhead and also increases the false alarm rates in detecting the different attacks.Given the above-mentioned problems,this paper proposes the novel MegaBAT optimized Long Short Term Memory(MBOLT)-IDS for WSNs for the effective detection of different attacks.In the proposed framework,hyperpara-meters of deep Long Short-Term Memory(LSTM)were optimized by the meta-heuristic megabat algorithm to obtain a low computational overhead and high performance.The experimentations have been carried out using(Wireless Sensor NetworkDetection System)WSN-DS datasets and performance metrics such as accuracy,recall,precision,specificity,and F1-score are calculated and compared with the other existing intelligent IDS.The proposed framework provides outstanding results in detecting the black hole,gray hole,scheduling,flooding attacks and significantly reduces the time complexity,which makes this system suitable for resource-constraint WSNs. 展开更多
关键词 Wireless sensor network intrusion detection systems long short term memory megabat optimization
下载PDF
Protecting Against Address Space Layout Randomisation (ASLR) Compromises and Return-to-Libc Attacks Using Network Intrusion Detection Systems 被引量:2
7
作者 David J Day Zheng-Xu Zhao 《International Journal of Automation and computing》 EI 2011年第4期472-483,共12页
Writable XOR executable (W⊕X) and address space layout randomisation (ASLR) have elevated the understanding necessary to perpetrate buffer overflow exploits [1] . However, they have not proved to be a panacea [1 ... Writable XOR executable (W⊕X) and address space layout randomisation (ASLR) have elevated the understanding necessary to perpetrate buffer overflow exploits [1] . However, they have not proved to be a panacea [1 3] , and so other mechanisms, such as stack guards and prelinking, have been introduced. In this paper, we show that host-based protection still does not offer a complete solution. To demonstrate the protection inadequacies, we perform an over the network brute force return-to-libc attack against a preforking concurrent server to gain remote access to a shell. The attack defeats host protection including W⊕X and ASLR. We then demonstrate that deploying a network intrusion detection systems (NIDS) with appropriate signatures can detect this attack efficiently. 展开更多
关键词 Buffer overflow stack overflow intrusion detection systems (ids signature rules return-to-libc attack pre-forking.
下载PDF
Multi-Zone-Wise Blockchain Based Intrusion Detection and Prevention System for IoT Environment
8
作者 Salaheddine Kably Tajeddine Benbarrad +1 位作者 Nabih Alaoui Mounir Arioua 《Computers, Materials & Continua》 SCIE EI 2023年第1期253-278,共26页
Blockchain merges technology with the Internet of Things(IoT)for addressing security and privacy-related issues.However,conventional blockchain suffers from scalability issues due to its linear structure,which increas... Blockchain merges technology with the Internet of Things(IoT)for addressing security and privacy-related issues.However,conventional blockchain suffers from scalability issues due to its linear structure,which increases the storage overhead,and Intrusion detection performed was limited with attack severity,leading to performance degradation.To overcome these issues,we proposed MZWB(Multi-Zone-Wise Blockchain)model.Initially,all the authenticated IoT nodes in the network ensure their legitimacy by using the Enhanced Blowfish Algorithm(EBA),considering several metrics.Then,the legitimately considered nodes for network construction for managing the network using Bayesian-Direct Acyclic Graph(B-DAG),which considers several metrics.The intrusion detection is performed based on two tiers.In the first tier,a Deep Convolution Neural Network(DCNN)analyzes the data packets by extracting packet flow features to classify the packets as normal,malicious,and suspicious.In the second tier,the suspicious packets are classified as normal or malicious using the Generative Adversarial Network(GAN).Finally,intrusion scenario performed reconstruction to reduce the severity of attacks in which Improved Monkey Optimization(IMO)is used for attack path discovery by considering several metrics,and the Graph cut utilized algorithm for attack scenario reconstruction(ASR).UNSW-NB15 and BoT-IoT utilized datasets for the MZWB method simulated using a Network simulator(NS-3.26).Compared with previous performance metrics such as energy consumption,storage overhead accuracy,response time,attack detection rate,precision,recall,and F-measure.The simulation result shows that the proposed MZWB method achieves high performance than existing works. 展开更多
关键词 IOT multi-zone-wise blockchain intrusion detection and prevention system edge computing network graph construction ids intrusion scenario reconstruction
下载PDF
Multi-Attack Intrusion Detection System for Software-Defined Internet of Things Network
9
作者 Tarcizio Ferrao Franklin Manene Adeyemi Abel Ajibesin 《Computers, Materials & Continua》 SCIE EI 2023年第6期4985-5007,共23页
Currently,the Internet of Things(IoT)is revolutionizing communi-cation technology by facilitating the sharing of information between different physical devices connected to a network.To improve control,customization,f... Currently,the Internet of Things(IoT)is revolutionizing communi-cation technology by facilitating the sharing of information between different physical devices connected to a network.To improve control,customization,flexibility,and reduce network maintenance costs,a new Software-Defined Network(SDN)technology must be used in this infrastructure.Despite the various advantages of combining SDN and IoT,this environment is more vulnerable to various attacks due to the centralization of control.Most methods to ensure IoT security are designed to detect Distributed Denial-of-Service(DDoS)attacks,but they often lack mechanisms to mitigate their severity.This paper proposes a Multi-Attack Intrusion Detection System(MAIDS)for Software-Defined IoT Networks(SDN-IoT).The proposed scheme uses two machine-learning algorithms to improve detection efficiency and provide a mechanism to prevent false alarms.First,a comparative analysis of the most commonly used machine-learning algorithms to secure the SDN was performed on two datasets:the Network Security Laboratory Knowledge Discovery in Databases(NSL-KDD)and the Canadian Institute for Cyberse-curity Intrusion Detection Systems(CICIDS2017),to select the most suitable algorithms for the proposed scheme and for securing SDN-IoT systems.The algorithms evaluated include Extreme Gradient Boosting(XGBoost),K-Nearest Neighbor(KNN),Random Forest(RF),Support Vector Machine(SVM),and Logistic Regression(LR).Second,an algorithm for selecting the best dataset for machine learning in Intrusion Detection Systems(IDS)was developed to enable effective comparison between the datasets used in the development of the security scheme.The results showed that XGBoost and RF are the best algorithms to ensure the security of SDN-IoT and to be applied in the proposed security system,with average accuracies of 99.88%and 99.89%,respectively.Furthermore,the proposed security scheme reduced the false alarm rate by 33.23%,which is a significant improvement over prevalent schemes.Finally,tests of the algorithm for dataset selection showed that the rates of false positives and false negatives were reduced when the XGBoost and RF algorithms were trained on the CICIDS2017 dataset,making it the best for IDS compared to the NSL-KDD dataset. 展开更多
关键词 Dataset selection false alarm intrusion detection systems IoT security machine learning SDN-IoT security software-defined networks
下载PDF
MA-IDS: A Distributed Intrusion Detection System Based on Data Mining
10
作者 SUNJian-hua JINHai CHENHao HANZong-fen 《Wuhan University Journal of Natural Sciences》 CAS 2005年第1期111-114,共4页
Aiming at the shortcomings in intrusion detection systems (IDSs) used incommercial and research fields, we propose the MA-IDS system, a distributed intrusion detectionsystem based on data mining. In this model, misuse... Aiming at the shortcomings in intrusion detection systems (IDSs) used incommercial and research fields, we propose the MA-IDS system, a distributed intrusion detectionsystem based on data mining. In this model, misuse intrusion detection system CM1DS) and anomalyintrusion de-lection system (AIDS) are combined. Data mining is applied to raise detectionperformance, and distributed mechanism is employed to increase the scalability and efficiency. Host-and network-based mining algorithms employ an improved. Bayes-ian decision theorem that suits forreal security environment to minimize the risks incurred by false decisions. We describe the overallarchitecture of the MA-IDS system, and discuss specific design and implementation issue. 展开更多
关键词 intrusion detection data mining distributed system
下载PDF
Development of a Platform to Explore Network Intrusion Detection System (NIDS) for Cybersecurity
11
作者 Chee Keong Chan Alexander Weil Tine Yeoh 《Journal of Computer and Communications》 2018年第1期1-11,共11页
Cybersecurity is increasing its significance in recent years due to the overwhelming use of devices which require the use of internet. This raises the importance of having cybersecurity training for the upcoming gener... Cybersecurity is increasing its significance in recent years due to the overwhelming use of devices which require the use of internet. This raises the importance of having cybersecurity training for the upcoming generations as hackers continue to upgrade their methodologies and techniques to obtain important information such as personal identification, credit card numbers etcetera. This paper describes the development of a platform for students to learn how to setup and use a Network Intrusion Detection System in a virtual environment. In this environment, the administrator of a specific system can monitor and detect their network for any malicious activity. We will discuss in this paper the network configuration setup via virtualization technology followed by having a Network Intrusion Detection System installed in one of the virtual machines port mirrored to monitor the whole network. In the virtual network, a virtual machine will be assigned as an attacker to simulate cyber-attacks allowing the Network Intrusion Detection System to detect the Internet Protocol (IP) address from the source of malicious activity provider. In addition, students will have the opportunity to learn how to write basic rules for the Network Intrusion Detection System which are algorithms used to detect cyber malicious movements. 展开更多
关键词 NETWORK intrusion detection system CYBERSECURITY
下载PDF
General Study of Mobile Agent Based Intrusion Detection System (IDS)
12
作者 Chandrakant Jain Aumreesh Kumar Saxena 《Journal of Computer and Communications》 2016年第4期93-98,共6页
The extensive access of network interaction has made present networks more responsive to earlier intrusions. In distributed network intrusions, there are many computing nodes that are assisted by intruders. The eviden... The extensive access of network interaction has made present networks more responsive to earlier intrusions. In distributed network intrusions, there are many computing nodes that are assisted by intruders. The evidence of intrusions is to be associated from all the held up nodes. From the last few years, mobile agent based technique in intrusion detection system (IDS) has been widely used to detect intrusion over distributed network. This paper presented survey of several existing mobile agent based intrusion detection system and comparative analysis report between them. Furthermore we have focused on each attribute of analysis, for example technique (NIDS, HIDS or Hybrid), behavior layer, detection techniques for analysis, uses of mobile agent and technology used by existing IDS, strength and issues. Their strengths and issues are situational wherever appropriate. We have observed that some of the existing techniques are used in IDS which causes low detection rate, behavior layers like TCP connection for packet capturing which is most important activity in NIDS and response time (technology execution time) with memory consumption by mobile agent as major issues. 展开更多
关键词 intrusion detection system Mobile Agent intrusion Network ATTACK Security
下载PDF
CAND-IDS: A Novel Context Aware Intrusion Detection System in Cooperative Wireless Sensor Networks by Nodal Node Deployment
13
作者 Rathinam Gopal Velusamy Parthasarathy 《Circuits and Systems》 2016年第11期3504-3521,共19页
Cooperative wireless sensor networks have drastically grown due to node co-opera- tive in unaltered environment. Various real time applications are developed and deployed under cooperative network, which controls and ... Cooperative wireless sensor networks have drastically grown due to node co-opera- tive in unaltered environment. Various real time applications are developed and deployed under cooperative network, which controls and coordinates the flow to and from the nodes to the base station. Though nodes are interlinked to give expected state behavior, it is vital to monitor the malicious activities in the network. There is a high end probability to compromise the node behavior that leads to catastrophes. To overcome this issue a Novel Context Aware-IDS approach named Context Aware Nodal Deployment-IDS (CAND-IDS) is framed. During data transmission based on node properties and behavior CAND-IDS detects and eliminates the malicious nodes in the explored path. Also during network deployment and enhancement, node has to follow Context Aware Cooperative Routing Protocol (CCRP), to ensure the reliability of the network. CAND-IDS are programmed and simulated using Network Simulator software and the performance is verified and evaluated. The simulation result shows significant improvements in the throughput, energy consumption and delay made when compared with the existing system. 展开更多
关键词 Cooperative Network intrusion detection system Context Aware Routing Protocol Network Simulator
下载PDF
Intrusion Detection Systems in Internet of Things and Mobile Ad-Hoc Networks 被引量:2
14
作者 Vasaki Ponnusamy Mamoona Humayun +2 位作者 NZJhanjhi Aun Yichiet Maram Fahhad Almufareh 《Computer Systems Science & Engineering》 SCIE EI 2022年第3期1199-1215,共17页
Internet of Things(IoT)devices work mainly in wireless mediums;requiring different Intrusion Detection System(IDS)kind of solutions to leverage 802.11 header information for intrusion detection.Wireless-specific traff... Internet of Things(IoT)devices work mainly in wireless mediums;requiring different Intrusion Detection System(IDS)kind of solutions to leverage 802.11 header information for intrusion detection.Wireless-specific traffic features with high information gain are primarily found in data link layers rather than application layers in wired networks.This survey investigates some of the complexities and challenges in deploying wireless IDS in terms of data collection methods,IDS techniques,IDS placement strategies,and traffic data analysis techniques.This paper’s main finding highlights the lack of available network traces for training modern machine-learning models against IoT specific intrusions.Specifically,the Knowledge Discovery in Databases(KDD)Cup dataset is reviewed to highlight the design challenges of wireless intrusion detection based on current data attributes and proposed several guidelines to future-proof following traffic capture methods in the wireless network(WN).The paper starts with a review of various intrusion detection techniques,data collection methods and placement methods.The main goal of this paper is to study the design challenges of deploying intrusion detection system in a wireless environment.Intrusion detection system deployment in a wireless environment is not as straightforward as in the wired network environment due to the architectural complexities.So this paper reviews the traditional wired intrusion detection deployment methods and discusses how these techniques could be adopted into the wireless environment and also highlights the design challenges in the wireless environment.The main wireless environments to look into would be Wireless Sensor Networks(WSN),Mobile Ad Hoc Networks(MANET)and IoT as this are the future trends and a lot of attacks have been targeted into these networks.So it is very crucial to design an IDS specifically to target on the wireless networks. 展开更多
关键词 Internet of Things MANET intrusion detection systems wireless networks
下载PDF
AN INTRUSION DETECTION SYSTEM BASED ON EVIDENCE THEORY AND ROUGH SET THEORY 被引量:2
15
作者 Ye Qing Wu Xiaoping Zhang Changhong 《Journal of Electronics(China)》 2009年第6期777-781,共5页
In this paper,we propose a novel Intrusion Detection System (IDS) architecture utilizing both the evidence theory and Rough Set Theory (RST). Evidence theory is an effective tool in dealing with uncertainty question. ... In this paper,we propose a novel Intrusion Detection System (IDS) architecture utilizing both the evidence theory and Rough Set Theory (RST). Evidence theory is an effective tool in dealing with uncertainty question. It relies on the expert knowledge to provide evidences,needing the evidences to be independent,and this make it difficult in application. To solve this problem,a hybrid system of rough sets and evidence theory is proposed. Firstly,simplification are made based on Variable Precision Rough Set (VPRS) conditional entropy. Thus,the Basic Belief Assignment (BBA) for all evidences can be calculated. Secondly,Dempster’s rule of combination is used,and a decision-making is given. In the proposed approach,the difficulties in acquiring the BBAs are solved,the correlativity among the evidences is reduced and the subjectivity of evidences is weakened. An illustrative example in an intrusion detection shows that the two theories combination is feasible and effective. 展开更多
关键词 intrusion detection system (ids Evidence theory Rough Set Theory (RST)
下载PDF
Cyber Security Analysis and Evaluation for Intrusion Detection Systems 被引量:1
16
作者 Yoosef B.Abushark Asif Irshad Khan +5 位作者 Fawaz Alsolami Abdulmohsen Almalawi Md Mottahir Alam Alka Agrawal Rajeev Kumar Raees Ahmad Khan 《Computers, Materials & Continua》 SCIE EI 2022年第7期1765-1783,共19页
Machine learning is a technique that is widely employed in both the academic and industrial sectors all over the world.Machine learning algorithms that are intuitive can analyse risks and respond swiftly to breaches a... Machine learning is a technique that is widely employed in both the academic and industrial sectors all over the world.Machine learning algorithms that are intuitive can analyse risks and respond swiftly to breaches and security issues.It is crucial in offering a proactive security system in the field of cybersecurity.In real time,cybersecurity protects information,information systems,and networks from intruders.In the recent decade,several assessments on security and privacy estimates have noted a rapid growth in both the incidence and quantity of cybersecurity breaches.At an increasing rate,intruders are breaching information security.Anomaly detection,software vulnerability diagnosis,phishing page identification,denial of service assaults,and malware identification are the foremost cyber-security concerns that require efficient clarifications.Practitioners have tried a variety of approaches to address the present cybersecurity obstacles and concerns.In a similar vein,the goal of this research is to assess the idealness of machine learning-based intrusion detection systems under fuzzy conditions using a Multi-Criteria Decision Making(MCDM)-based Analytical Hierarchy Process(AHP)and a Technique for Order of Preference by Similarity to Ideal-Solutions(TOPSIS).Fuzzy sets are ideal for dealing with decision-making scenarios in which experts are unsure of the best course of action.The projected work would support practitioners in identifying,prioritising,and selecting cybersecurityrelated attributes for intrusion detection systems,allowing them to design more optimal and effective intrusion detection systems. 展开更多
关键词 CYBERSECURITY machine learning AHP-TOPSIS fuzzy logic intrusion detection systems
下载PDF
XA-GANomaly: An Explainable Adaptive Semi-Supervised Learning Method for Intrusion Detection Using GANomaly 被引量:2
17
作者 Yuna Han Hangbae Chang 《Computers, Materials & Continua》 SCIE EI 2023年第7期221-237,共17页
Intrusion detection involves identifying unauthorized network activity and recognizing whether the data constitute an abnormal network transmission.Recent research has focused on using semi-supervised learning mechani... Intrusion detection involves identifying unauthorized network activity and recognizing whether the data constitute an abnormal network transmission.Recent research has focused on using semi-supervised learning mechanisms to identify abnormal network traffic to deal with labeled and unlabeled data in the industry.However,real-time training and classifying network traffic pose challenges,as they can lead to the degradation of the overall dataset and difficulties preventing attacks.Additionally,existing semi-supervised learning research might need to analyze the experimental results comprehensively.This paper proposes XA-GANomaly,a novel technique for explainable adaptive semi-supervised learning using GANomaly,an image anomalous detection model that dynamically trains small subsets to these issues.First,this research introduces a deep neural network(DNN)-based GANomaly for semi-supervised learning.Second,this paper presents the proposed adaptive algorithm for the DNN-based GANomaly,which is validated with four subsets of the adaptive dataset.Finally,this study demonstrates a monitoring system that incorporates three explainable techniques—Shapley additive explanations,reconstruction error visualization,and t-distributed stochastic neighbor embedding—to respond effectively to attacks on traffic data at each feature engineering stage,semi-supervised learning,and adaptive learning.Compared to other single-class classification techniques,the proposed DNN-based GANomaly achieves higher scores for Network Security Laboratory-Knowledge Discovery in Databases and UNSW-NB15 datasets at 13%and 8%of F1 scores and 4.17%and 11.51%for accuracy,respectively.Furthermore,experiments of the proposed adaptive learning reveal mostly improved results over the initial values.An analysis and monitoring system based on the combination of the three explainable methodologies is also described.Thus,the proposed method has the potential advantages to be applied in practical industry,and future research will explore handling unbalanced real-time datasets in various scenarios. 展开更多
关键词 intrusion detection system(ids) adaptive learning semi-supervised learning explainable artificial intelligence(XAI) monitoring system
下载PDF
Ensemble-Based Approach for Efficient Intrusion Detection in Network Traffic 被引量:2
18
作者 Ammar Almomani Iman Akour +5 位作者 Ahmed M.Manasrah Omar Almomani Mohammad Alauthman Esra’a Abdullah Amaal Al Shwait Razan Al Sharaa 《Intelligent Automation & Soft Computing》 SCIE 2023年第8期2499-2517,共19页
The exponential growth of Internet and network usage has neces-sitated heightened security measures to protect against data and network breaches.Intrusions,executed through network packets,pose a significant challenge... The exponential growth of Internet and network usage has neces-sitated heightened security measures to protect against data and network breaches.Intrusions,executed through network packets,pose a significant challenge for firewalls to detect and prevent due to the similarity between legit-imate and intrusion traffic.The vast network traffic volume also complicates most network monitoring systems and algorithms.Several intrusion detection methods have been proposed,with machine learning techniques regarded as promising for dealing with these incidents.This study presents an Intrusion Detection System Based on Stacking Ensemble Learning base(Random For-est,Decision Tree,and k-Nearest-Neighbors).The proposed system employs pre-processing techniques to enhance classification efficiency and integrates seven machine learning algorithms.The stacking ensemble technique increases performance by incorporating three base models(Random Forest,Decision Tree,and k-Nearest-Neighbors)and a meta-model represented by the Logistic Regression algorithm.Evaluated using the UNSW-NB15 dataset,the pro-posed IDS gained an accuracy of 96.16%in the training phase and 97.95%in the testing phase,with precision of 97.78%,and 98.40%for taring and testing,respectively.The obtained results demonstrate improvements in other measurement criteria. 展开更多
关键词 intrusion detection system(ids) machine learning techniques stacking ensemble random forest decision tree k-nearest-neighbor
下载PDF
A Comparative Study of Related Technologies of Intrusion Detection &Prevention Systems
19
作者 Indraneel Mukhopadhyay Mohuya Chakraborty Satyajit Chakrabarti 《Journal of Information Security》 2011年第1期28-38,共11页
The rapid growth of computer networks has changed the prospect of network security. An easy accessibility condition causes computer networks to be vulnerable against numerous and potentially devastating threats from h... The rapid growth of computer networks has changed the prospect of network security. An easy accessibility condition causes computer networks to be vulnerable against numerous and potentially devastating threats from hackers. Up to the moment, researchers have developed Intrusion Detection Systems (IDS) capable of detecting attacks in several available environments. A boundlessness of methods for misuse detection as well as anomaly detection has been applied. Intrusion Prevention Systems (IPS) evolved after that to resolve am-biguities in passive network monitoring by placing detection systems on the line of attack. IPS in other words is IDS that are able to give prevention commands to firewalls and access control changes to routers. IPS can be seen as an improvement upon firewall technologies. It can make access control decisions based on application content, rather than IP address or ports as traditional firewalls do. The next innovation is the combination of IDS and IPS known as Intrusion Detection and Prevention Systems (IDPS) capable of de-tecting and preventing attacks from happening. This paper presents an overview of IDPS followed by their classifications and applications. A new signature based IDPS architecture named HawkEye Solutions has been proposed by the authors. Authors have presented the basic building blocks of the IDS, which include mechanisms for carrying out TCP port scans, Traceroute scan, ping scan and packet sniffing to monitor net-work health detect various types of attacks. Real time implementation results of the system have been pre-sented. Finally a comparative analysis of various existing IDS/IPS solutions with HawkEye Solutions em-phasizes its significance. 展开更多
关键词 ADVANCES of Network Security intrusion detection system intrusion PREVENTION system Haw-kEye Solutions
下载PDF
New Collaborative Intrusion Detection Architecture Based on Multi Agent Systems
20
作者 Mohssine EL AJJOURI Siham BENHADOU Hicham MEDROMI 《通讯和计算机(中英文版)》 2016年第1期1-10,共10页
关键词 协同入侵检测 多智能体系统 体系结构 多AGENT系统 基于案例的推理 学习系统 入侵检测系统 适应能力
下载PDF
上一页 1 2 113 下一页 到第
使用帮助 返回顶部