Intrusion Detection System (IDS): Anomaly Detection Using Outlier Detection Approach

In this paper, a cluster-based hybrid security framework called HSFA for ad hoc networks is proposed and evaluated. The proposed security framework combines both specification and anomaly detection techniques to efficiently detect and prevent wide range of routing attacks. In the proposed hierarchical architecture, cluster nodes run a host specification-based intrusion detection system to detect specification violations attacks such as fabrication, replay, etc. While the cluster heads run an anomaly-based intrusion detection system to detect wormhole and rushing attacks. The proposed specification-based detection approach relies on a set of specifications automatically generated, while anomaly-detection uses statistical techniques. The proposed security framework provides an adaptive response against attacks to prevent damage to the network. The security framework is evaluated by simulation in presence of malicious nodes that can launch different attacks. Simulation results show that the proposed hybrid security framework performs significantly better than other existing mechanisms.

Download Full-text

User Modelling for Exclusion and Anomaly Detection: A Behavioural Intrusion Detection System

User Modeling, Adaptation, and Personalization - Lecture Notes in Computer Science ◽

10.1007/978-3-642-13470-8_20 ◽

2010 ◽

pp. 207-218 ◽

Cited By ~ 6

Author(s):

Grant Pannell ◽

Helen Ashman

Keyword(s):

Intrusion Detection ◽

Anomaly Detection ◽

Intrusion Detection System ◽

Detection System ◽

User Modelling

Download Full-text

Fusion of Misuse Detection with Anomaly Detection Technique for Novel Hybrid Network Intrusion Detection System

Advances in Intelligent Systems and Computing - Recent Developments in Intelligent Computing, Communication and Devices ◽

10.1007/978-981-10-3779-5_10 ◽

2017 ◽

pp. 73-87 ◽

Cited By ~ 1

Author(s):

Jamal Hussain ◽

Samuel Lalmuanawma

Keyword(s):

Intrusion Detection ◽

Anomaly Detection ◽

Intrusion Detection System ◽

Detection System ◽

Detection Technique ◽

Hybrid Network ◽

Network Intrusion Detection ◽

Misuse Detection ◽

Network Intrusion ◽

Network Intrusion Detection System

Download Full-text

Enhanced intrusion detection system via agent clustering and classification based on outlier detection

Peer-to-Peer Networking and Applications ◽

10.1007/s12083-019-00822-3 ◽

2020 ◽

Vol 13 (3) ◽

pp. 1038-1045 ◽

Cited By ~ 1

Author(s):

S. Sandosh ◽

V. Govindasamy ◽

G. Akila

Keyword(s):

Intrusion Detection ◽

Outlier Detection ◽

Intrusion Detection System ◽

Detection System ◽

Clustering And Classification

Download Full-text

Anomaly Detection in Distributed Denial of Service Attack using Map Reduce Improvised Counter Based Algorithm in Hadoop

International Journal of Recent Technology and Engineering - 2 ◽

10.35940/ijrte.d8431.118419 ◽

2019 ◽

Vol 8 (4) ◽

pp. 4668-4671

Keyword(s):

Intrusion Detection ◽

Anomaly Detection ◽

Network Traffic ◽

Intrusion Detection System ◽

Detection System ◽

Denial Of Service ◽

Map Reduce ◽

Distributed Denial Of Service ◽

Unusual Pattern ◽

Denial Of Service Attack

A Distributed denial of Service attacks(DDoS) is one of the major threats in the cyber network and it attacks the computers flooded with the Users Data Gram packet. These types of attacks causes major problem in the network in the form of crashing the system with large volume of traffic to attack the victim and make the victim idle in which not responding the requests. To detect this DDOS attack traditional intrusion detection system is not suitable to handle huge volume of data. Hadoop is a frame work which handles huge volume of data and is used to process the data to find any malicious activity in the data. In this research paper anomaly detection technique is implemented in Map Reduce Algorithm which detects the unusual pattern of data in the network traffic. To design a proposed model, Map Reduce platform is used to hold the improvised algorithm which detects the (DDoS) attacks by filtering and sorting the network traffic and detects the unusual pattern from the network. Improvised Map reduce algorithm is implemented with Map Reduce functionalities at the stage of verifying the network IPS. This Proposed algorithm focuses on the UDP flooding attack using Anomaly based Intrusion detection system technique which detects kind of pattern and flow of packets in the node is more than the threshold and also identifies the source code causing UDP Flood Attack.

Download Full-text

Monitoring DDOS Pada Openflow Switch Dengan Alienvault Ossim

Jurnal Teknologi Informasi Indonesia (JTII) ◽

10.30869/jtii.v3i2.260 ◽

2019 ◽

Vol 3 (2) ◽

pp. 23

Author(s):

Alimuddin Yasin ◽

Ismail Mohidin

Keyword(s):

Intrusion Detection ◽

Anomaly Detection ◽

Vulnerability Assessment ◽

Intrusion Detection System ◽

Detection System ◽

System Vulnerability

DDoS menjadi satu masalah utama dalam keamanan internet dalam dekade terakhir. Intrusion Detection System adalah sebuah aplikasi perangkat lunak atau perangkat keras yang dapat mendeteksi aktivitas yang mencurigakan dalam sebuah sistem atau jaringan. OSSIM adalah gabungan dari IDS (Intrusion Detection System), vulnerability assessment, anomaly detection, network and availability detection, firewall, dll, yang dikemas dalam bentuk distro linux . Sehingga dalam penelitian ini melakukan uji coba serangan DDoS sekaligus melakukan monitoring DDoS di jaringan SDN dengan Alienvault Ossim.

Download Full-text