Deceiving Machine Learning-Based Saturation Attack Detection Systems in SDN

2020 ◽  
Author(s):  
Samer Y Khamaiseh ◽  
Izzat Alsmadi ◽  
Abdullah Al-Alaj
Keyword(s):  
Machine Learning ◽  
Attack Detection ◽  
Detection Systems

scholarly journals Machine Learning-Based IoT-Botnet Attack Detection with Sequential Architecture

Sensors ◽  
2020 ◽  
Vol 20 (16) ◽  
pp. 4372 ◽  
Author(s):  
Yan Naung Soe ◽  
Yaokai Feng ◽  
Paulus Insap Santosa ◽  
Rudy Hartanto ◽  
Kouichi Sakurai
Keyword(s):  
Machine Learning ◽  
High Performance ◽  
Detection System ◽  
Rapid Development ◽  
Attack Detection ◽  
Cyber Attacks ◽  
Detection Systems ◽  
Iot Devices ◽  
Artificial Neural Network Ann ◽  
Feature Selection Approach

With the rapid development and popularization of Internet of Things (IoT) devices, an increasing number of cyber-attacks are targeting such devices. It was said that most of the attacks in IoT environments are botnet-based attacks. Many security weaknesses still exist on the IoT devices because most of them have not enough memory and computational resource for robust security mechanisms. Moreover, many existing rule-based detection systems can be circumvented by attackers. In this study, we proposed a machine learning (ML)-based botnet attack detection framework with sequential detection architecture. An efficient feature selection approach is adopted to implement a lightweight detection system with a high performance. The overall detection performance achieves around 99% for the botnet attack detection using three different ML algorithms, including artificial neural network (ANN), J48 decision tree, and Naïve Bayes. The experiment result indicates that the proposed architecture can effectively detect botnet-based attacks, and also can be extended with corresponding sub-engines for new kinds of attacks.

scholarly journals An Efficient Classifier for U2R, R2L, DoS Attack

2020 ◽  
Vol 9 (1) ◽  
pp. 644-647
Keyword(s):  
Machine Learning ◽  
Network Security ◽  
Learning Algorithms ◽  
Research Area ◽  
Attack Detection ◽  
Machine Learning Algorithms ◽  
The Internet ◽  
Detection Accuracy ◽  
Cyber Attack ◽  
Detection Systems

The internet has become an irreplaceable communicating and informative tool in the current world. With the ever-growing importance and massive use of the internet today, there has been interesting from researchers to find the perfect Cyber Attack Detection Systems (CADSs) or rather referred to as Intrusion Detection Systems (IDSs) to protect against the vulnerabilities of network security. CADS presently exist in various variants but can be largely categorized into two broad classifications; signature-based detection and anomaly detection CADSs, based on their approaches to recognize attack packets.The signature-based CADS use the well-known signatures or fingerprints of the attack packets to signal the entry across the gateways of secured networks. Signature-based CADS can only recognize threats that use the known signature, new attacks with unknown signatures can, therefore, strike without notice. Alternatively, anomaly-based CADS are enabled to detect any abnormal traffic within the network and report. There are so many ways of identifying anomalies and different machine learning algorithms are introduced to counter such threats. Most systems, however, fall short of complete attack prevention in the real world due system administration and configuration, system complexity and abuse of authorized access. Several scholars and researchers have achieved a significant milestone in the development of CADS owing to the importance of computer and network security. This paper reviews the current trends of CADS analyzing the efficiency or level of detection accuracy of the machine learning algorithms for cyber-attack detection with an aim to point out to the best. CADS is a developing research area that continues to attract several researchers due to its critical objective.

scholarly journals Research and development automatically generate detection rules for IDS based on machine learning technology

2022 ◽  
Vol 2 (14) ◽  
pp. 45-54
Author(s):  
Nguyen Huy Trung ◽  
Le Hai Viet ◽  
Tran Duc Thang
Keyword(s):  
Machine Learning ◽  
False Alarm ◽  
Attack Detection ◽  
Learning Technology ◽  
Network Attacks ◽  
New Approach ◽  
Network Attack ◽  
Detection Systems ◽  
Resource Requirements ◽  
System Resource

Abstract—Nowadays, there have been many signature-based intrusion detection systems deployed and widely used. These systems are capable of detecting known attacks with low false alarm rates, fast detection times, and little system resource requirements. However, these systems are less effective against new attacks that are not included in the ruleset. In addition, recent studies provide a new approach to the problem of detecting unknown types of network attacks based on machine learning and deep learning. However, this new approach requires a lot of resources, processing time and has a high false alarm rate. Therefore, it is necessary to find a solution that combines the advantages of the two approaches above in the problem of detecting network attacks. In this paper, the authors present a method to automatically generate network attack detection rules for the IDS system based on the results of training machine learning models. Through testing, the author proves that the system that automatically generates network attack detection rules for IDS based on machine learning meets the requirements of increasing the ability to detect new types of attacks, ensuring automatic effective updates of new signs of network attacks. Tóm tắt—Ngày nay, đã có nhiều hệ thống phát hiện xâm nhập dựa trên chữ ký được triển khai và sử dụng rộng rãi. Các hệ thống này có khả năng phát hiện các cuộc tấn công đã biết với tỷ lệ báo động giả thấp, thời gian phát hiện nhanh và yêu cầu ít tài nguyên hệ thống. Tuy nhiên, các hệ thống này kém hiệu quả khi chống lại các cuộc tấn công mới không có trong tập luật. Các nghiên cứu gần đây cung cấp một cách tiếp cận mới cho vấn đề phát hiện các kiểu tấn công mạng mới dựa trên học máy và học sâu. Tuy nhiên, cách tiếp cận này đòi hỏi nhiều tài nguyên, thời gian xử lý. Vì vậy, cần tìm ra giải pháp kết hợp ưu điểm của hai cách tiếp cận trên trong bài toán phát hiện tấn công mạng. Trong bài báo này, nhóm tác giả trình bày phương pháp tự động sinh luật phát hiện tấn công mạng cho hệ thống phát hiện xâm nhập dựa trên kết quả huấn luyện mô hình học máy. Qua thử nghiệm, tác giả chứng minh rằng phương pháp này đáp ứng yêu cầu tăng khả năng phát hiện chính xác các kiểu tấn công mới, đảm bảo tự động cập nhật hiệu quả các dấu hiệu tấn công mạng mới vào tập luật.

scholarly journals Towards a Reliable Comparison and Evaluation of Network Intrusion Detection Systems Based on Machine Learning Approaches

2020 ◽  
Vol 10 (5) ◽  
pp. 1775 ◽  
Author(s):  
Roberto Magán-Carrión ◽  
Daniel Urda ◽  
Ignacio Díaz-Cano ◽  
Bernabé Dorronsoro
Keyword(s):  
Machine Learning ◽  
Intrusion Detection ◽  
Attack Detection ◽  
Intrusion Detection Systems ◽  
Network Intrusion Detection ◽  
Learning Approaches ◽  
Network Attack ◽  
Detection Systems ◽  
Network Intrusion ◽  
Network Intrusion Detection Systems

Presently, we are living in a hyper-connected world where millions of heterogeneous devices are continuously sharing information in different application contexts for wellness, improving communications, digital businesses, etc. However, the bigger the number of devices and connections are, the higher the risk of security threats in this scenario. To counteract against malicious behaviours and preserve essential security services, Network Intrusion Detection Systems (NIDSs) are the most widely used defence line in communications networks. Nevertheless, there is no standard methodology to evaluate and fairly compare NIDSs. Most of the proposals elude mentioning crucial steps regarding NIDSs validation that make their comparison hard or even impossible. This work firstly includes a comprehensive study of recent NIDSs based on machine learning approaches, concluding that almost all of them do not accomplish with what authors of this paper consider mandatory steps for a reliable comparison and evaluation of NIDSs. Secondly, a structured methodology is proposed and assessed on the UGR’16 dataset to test its suitability for addressing network attack detection problems. The guideline and steps recommended will definitively help the research community to fairly assess NIDSs, although the definitive framework is not a trivial task and, therefore, some extra effort should still be made to improve its understandability and usability further.

scholarly journals Active Machine Learning Adversarial Attack Detection in the User Feedback Process

IEEE Access ◽  
2021 ◽  
pp. 1-1
Author(s):  
Victor R. Kebande ◽  
Sadi Alawadi ◽  
Feras Awaysheh ◽  
Jan A. Persson
Keyword(s):  
Machine Learning ◽  
User Feedback ◽  
Attack Detection ◽  
Feedback Process ◽  
Adversarial Attack

scholarly journals Standalone Behaviour-Based Attack Detection Techniques for Distributed Software Systems via Blockchain

2021 ◽  
Vol 11 (12) ◽  
pp. 5685
Author(s):  
Hosam Aljihani ◽  
Fathy Eassa ◽  
Khalid Almarhabi ◽  
Abdullah Algarni ◽  
Abdulaziz Attaallah
Keyword(s):  
Attack Detection ◽  
Detection Methods ◽  
Software Systems ◽  
Distributed Software ◽  
Detection Techniques ◽  
Detection Systems ◽  
Novel Approach ◽  
Validation Experiment ◽  
Critical Issues ◽  
Concrete Solution

With the rapid increase of cyberattacks that presently affect distributed software systems, cyberattacks and their consequences have become critical issues and have attracted the interest of research communities and companies to address them. Therefore, developing and improving attack detection techniques are prominent methods to defend against cyberattacks. One of the promising attack detection methods is behaviour-based attack detection methods. Practically, attack detection techniques are widely applied in distributed software systems that utilise network environments. However, there are some other challenges facing attack detection techniques, such as the immutability and reliability of the detection systems. These challenges can be overcome with promising technologies such as blockchain. Blockchain offers a concrete solution for ensuring data integrity against unauthorised modification. Hence, it improves the immutability for detection systems’ data and thus the reliability for the target systems. In this paper, we propose a design for standalone behaviour-based attack detection techniques that utilise blockchain’s functionalities to overcome the above-mentioned challenges. Additionally, we provide a validation experiment to prove our proposal in term of achieving its objectives. We argue that our proposal introduces a novel approach to develop and improve behaviour-based attack detection techniques to become more reliable for distributed software systems.

scholarly journals Launching Adversarial Attacks against Network Intrusion Detection Systems for IoT

2021 ◽  
Vol 1 (2) ◽  
pp. 252-273
Author(s):  
Pavlos Papadopoulos ◽  
Oliver Thornewill von Essen ◽  
Nikolaos Pitropakis ◽  
Christos Chrysoulas ◽  
Alexios Mylonas ◽  
...  
Keyword(s):  
Machine Learning ◽  
Intrusion Detection ◽  
Intrusion Detection Systems ◽  
Learning Models ◽  
Detection Systems ◽  
Network Intrusion ◽  
Robust Model ◽  
Significant Probability ◽  
Adversarial Examples ◽  
Attack Surface

As the internet continues to be populated with new devices and emerging technologies, the attack surface grows exponentially. Technology is shifting towards a profit-driven Internet of Things market where security is an afterthought. Traditional defending approaches are no longer sufficient to detect both known and unknown attacks to high accuracy. Machine learning intrusion detection systems have proven their success in identifying unknown attacks with high precision. Nevertheless, machine learning models are also vulnerable to attacks. Adversarial examples can be used to evaluate the robustness of a designed model before it is deployed. Further, using adversarial examples is critical to creating a robust model designed for an adversarial environment. Our work evaluates both traditional machine learning and deep learning models’ robustness using the Bot-IoT dataset. Our methodology included two main approaches. First, label poisoning, used to cause incorrect classification by the model. Second, the fast gradient sign method, used to evade detection measures. The experiments demonstrated that an attacker could manipulate or circumvent detection with significant probability.

scholarly journals A Machine Learning Approach for Backoff Manipulation Attack Detection in Cognitive Radio

IEEE Access ◽  
2020 ◽  
Vol 8 ◽  
pp. 227349-227359
Author(s):  
Wassim Fassi Fihri ◽  
Hassan El Ghazi ◽  
Badr Abou El Majd ◽  
Faissal El Bouanani
Keyword(s):  
Machine Learning ◽  
Cognitive Radio ◽  
Attack Detection ◽  
Learning Approach ◽  
Machine Learning Approach
Sign in / Sign up

Export Citation Format

Share Document