Unicode-proof code injection attack on Windows CE — A novel approach of evading intrusion detection system for mobile network

Recent advancement in technologies such as Cloud, Internet of Things etc., leads to the increase usage of mobile computing. Present day mobile computing are too sophisticated and advancement are reaching great heights. Moreover, the present day mobile network suffers due to external and internal intrusions within and outside networks. The existing security systems to protect the mobile networks are incapable to detect the recent attacks. Further, the existing security system completely depends on the traditional signature and rule based approaches. Recent attacks have the property of not fluctuating its behaviour during attack. Hence, a robust Intrusion Detection System (IDS) is desirable. In order to address the above mentioned issue, this paper proposed a robust IDS using Machine Learning Techniques (MLT). The key of using MLT is to utilize the power of ensembles. The ensembles of classifier used in this paper are Random Forest (RF), KNN, Naïve Bayes (NB), etc. The proposed IDS is experimentally tested and validated using a secure test bed. The experimental results also confirms that the proposed IDS is robust enough to withstand and detect any form of intrusions and it is also noted that the proposed IDS outperforms the state of the art IDS with more than 95% accuracy.

Download Full-text

Using response action with intelligent intrusion detection and prevention system against web application malware

Information Management & Computer Security ◽

10.1108/imcs-02-2013-0007 ◽

2014 ◽

Vol 22 (5) ◽

pp. 431-449 ◽

Cited By ~ 8

Author(s):

Ammar Alazab ◽

Michael Hobbs ◽

Jemal Abawajy ◽

Ansam Khraisat ◽

Mamoun Alazab

Keyword(s):

Intrusion Detection ◽

Intrusion Detection System ◽

Web Application ◽

Web Applications ◽

Detection Efficiency ◽

Detection System ◽

Content Type ◽

Novel Approach ◽

Prevention System ◽

Intrusion Detection And Prevention

Purpose – The purpose of this paper is to mitigate vulnerabilities in web applications, security detection and prevention are the most important mechanisms for security. However, most existing research focuses on how to prevent an attack at the web application layer, with less work dedicated to setting up a response action if a possible attack happened. Design/methodology/approach – A combination of a Signature-based Intrusion Detection System (SIDS) and an Anomaly-based Intrusion Detection System (AIDS), namely, the Intelligent Intrusion Detection and Prevention System (IIDPS). Findings – After evaluating the new system, a better result was generated in line with detection efficiency and the false alarm rate. This demonstrates the value of direct response action in an intrusion detection system. Research limitations/implications – Data limitation. Originality/value – The contributions of this paper are to first address the problem of web application vulnerabilities. Second, to propose a combination of an SIDS and an AIDS, namely, the IIDPS. Third, this paper presents a novel approach by connecting the IIDPS with a response action using fuzzy logic. Fourth, use the risk assessment to determine an appropriate response action against each attack event. Combining the system provides a better performance for the Intrusion Detection System, and makes the detection and prevention more effective.

Download Full-text