Stealthy Attacks against Robotic Vehicles Protected by Control-based Intrusion Detection Techniques

Robotic vehicles (RV) are increasing in adoption in many industrial sectors. RVs use auto-pilot software for perception and navigation and rely on sensors and actuators for operating autonomously in the physical world. Control algorithms have been used in RVs to minimize the effects of noisy sensors, prevent faulty actuator output, and, recently, to detect attacks against RVs. In this article, we demonstrate the vulnerabilities in control-based intrusion detection techniques and propose three kinds of stealthy attacks that evade detection and disrupt RV missions. We also propose automated algorithms for performing the attacks without requiring the attacker to expend significant effort or to know specific details of the RV, thus making the attacks applicable to a wide range of RVs. We demonstrate the attacks on eight RV systems including three real vehicles in the presence of an Intrusion Detection System using control-based techniques to monitor RV’s runtime behavior and detect attacks. We find that the control-based techniques are incapable of detecting our stealthy attacks and that the attacks can have significant adverse impact on the RV’s mission (e.g., deviate it significantly from its target, or cause it to crash).

Download Full-text

Hybrid Intrusion Detection Framework for Ad hoc networks

International Journal of Information Security and Privacy ◽

10.4018/ijisp.2016100101 ◽

2016 ◽

Vol 10 (4) ◽

pp. 1-32 ◽

Cited By ~ 5

Author(s):

Abdelaziz Amara Korba ◽

Mehdi Nafaa ◽

Salim Ghanemi

Keyword(s):

Intrusion Detection ◽

Anomaly Detection ◽

Ad Hoc Networks ◽

Intrusion Detection System ◽

Ad Hoc ◽

Detection System ◽

Security Framework ◽

Detection Techniques ◽

Wide Range ◽

Hoc Networks

In this paper, a cluster-based hybrid security framework called HSFA for ad hoc networks is proposed and evaluated. The proposed security framework combines both specification and anomaly detection techniques to efficiently detect and prevent wide range of routing attacks. In the proposed hierarchical architecture, cluster nodes run a host specification-based intrusion detection system to detect specification violations attacks such as fabrication, replay, etc. While the cluster heads run an anomaly-based intrusion detection system to detect wormhole and rushing attacks. The proposed specification-based detection approach relies on a set of specifications automatically generated, while anomaly-detection uses statistical techniques. The proposed security framework provides an adaptive response against attacks to prevent damage to the network. The security framework is evaluated by simulation in presence of malicious nodes that can launch different attacks. Simulation results show that the proposed hybrid security framework performs significantly better than other existing mechanisms.

Download Full-text

An IoT-Focused Intrusion Detection System Approach Based on Preprocessing Characterization for Cybersecurity Datasets

Sensors ◽

10.3390/s21020656 ◽

2021 ◽

Vol 21 (2) ◽

pp. 656

Author(s):

Xavier Larriva-Novo ◽

Víctor A. Villagrá ◽

Mario Vega-Barbas ◽

Diego Rivera ◽

Mario Sanz Rodrigo

Keyword(s):

Machine Learning ◽

Intrusion Detection ◽

High Performance ◽

Learning Algorithm ◽

Detection System ◽

Machine Learning Algorithms ◽

Statistical Characteristics ◽

Detection Techniques ◽

Traffic Characteristics ◽

Benchmark Datasets

Security in IoT networks is currently mandatory, due to the high amount of data that has to be handled. These systems are vulnerable to several cybersecurity attacks, which are increasing in number and sophistication. Due to this reason, new intrusion detection techniques have to be developed, being as accurate as possible for these scenarios. Intrusion detection systems based on machine learning algorithms have already shown a high performance in terms of accuracy. This research proposes the study and evaluation of several preprocessing techniques based on traffic categorization for a machine learning neural network algorithm. This research uses for its evaluation two benchmark datasets, namely UGR16 and the UNSW-NB15, and one of the most used datasets, KDD99. The preprocessing techniques were evaluated in accordance with scalar and normalization functions. All of these preprocessing models were applied through different sets of characteristics based on a categorization composed by four groups of features: basic connection features, content characteristics, statistical characteristics and finally, a group which is composed by traffic-based features and connection direction-based traffic characteristics. The objective of this research is to evaluate this categorization by using various data preprocessing techniques to obtain the most accurate model. Our proposal shows that, by applying the categorization of network traffic and several preprocessing techniques, the accuracy can be enhanced by up to 45%. The preprocessing of a specific group of characteristics allows for greater accuracy, allowing the machine learning algorithm to correctly classify these parameters related to possible attacks.

Download Full-text

A Review of Intrusion Detection Systems in Cloud Computing

Cloud Security ◽

10.4018/978-1-5225-8176-5.ch003 ◽

2019 ◽

pp. 54-83

Author(s):

Chiba Zouhair ◽

Noreddine Abghour ◽

Khalid Moussaid ◽

Amina El Omri ◽

Mohamed Rida

Keyword(s):

Cloud Computing ◽

Intrusion Detection ◽

Detection System ◽

Security Requirements ◽

Intrusion Detection Systems ◽

Cloud Environment ◽

Detection Techniques ◽

Detection Systems ◽

Cloud Architecture ◽

Data Source

Security is a major challenge faced by cloud computing (CC) due to its open and distributed architecture. Hence, it is vulnerable and prone to intrusions that affect confidentiality, availability, and integrity of cloud resources and offered services. Intrusion detection system (IDS) has become the most commonly used component of computer system security and compliance practices that defends cloud environment from various kinds of threats and attacks. This chapter presents the cloud architecture, an overview of different intrusions in the cloud, the challenges and essential characteristics of cloud-based IDS (CIDS), and detection techniques used by CIDS and their types. Then, the authors analyze 24 pertinent CIDS with respect to their various types, positioning, detection time, and data source. The analysis also gives the strength of each system and limitations in order to evaluate whether they carry out the security requirements of CC environment or not.

Download Full-text

An Anomaly-Based Intrusion Detection System for Internet of Medical Things Networks

Electronics ◽

10.3390/electronics10212562 ◽

2021 ◽

Vol 10 (21) ◽

pp. 2562

Author(s):

Georgios Zachos ◽

Ismael Essop ◽

Georgios Mantas ◽

Kyriakos Porfyrakis ◽

José C. Ribeiro ◽

...

Keyword(s):

Intrusion Detection ◽

Intrusion Detection System ◽

Detection System ◽

Computational Cost ◽

Healthcare Sector ◽

The Internet ◽

Full Potential ◽

Log Files ◽

Wide Range ◽

Internet Of Medical Things

Over the past few years, the healthcare sector is being transformed due to the rise of the Internet of Things (IoT) and the introduction of the Internet of Medical Things (IoMT) technology, whose purpose is the improvement of the patient’s quality of life. Nevertheless, the heterogenous and resource-constrained characteristics of IoMT networks make them vulnerable to a wide range of threats. Thus, novel security mechanisms, such as accurate and efficient anomaly-based intrusion detection systems (AIDSs), considering the inherent limitations of the IoMT networks, need to be developed before IoMT networks reach their full potential in the market. Towards this direction, in this paper, we propose an efficient and effective anomaly-based intrusion detection system (AIDS) for IoMT networks. The proposed AIDS aims to leverage host-based and network-based techniques to reliably collect log files from the IoMT devices and the gateway, as well as traffic from the IoMT edge network, while taking into consideration the computational cost. The proposed AIDS is to rely on machine learning (ML) techniques, considering the computation overhead, in order to detect abnormalities in the collected data and thus identify malicious incidents in the IoMT network. A set of six popular ML algorithms was tested and evaluated for anomaly detection in the proposed AIDS, and the evaluation results showed which of them are the most suitable.

Download Full-text

Intrusion Detection Techniques for Secure Communication in Different Wireless Networks

International Journal of Innovative Technology and Exploring Engineering - Special Issue ◽

10.35940/ijitee.i1137.0789s219 ◽

2019 ◽

Vol 8 (9S2) ◽

pp. 668-671

Keyword(s):

Wireless Networks ◽

Network Security ◽

Intrusion Detection ◽

Wireless Lan ◽

Secure Communication ◽

Detection System ◽

Technological Advancement ◽

Detection Techniques ◽

Wireless Network Security ◽

Active Interest

Technological advancement in the design of wireless communication have propelled an active interest in the field of Wireless Networks, Wireless Sensor Networks (WSNs), and Mobile Adhoc Networks (MANETs). Now days the speed and privacy are more reason of concern than the performance. The attacks can occur and there is always a chance that it will be a success. One of the major problems with Wireless Network security is that, all types of attacks are not known, and new ones emerge constantly [6]. Moreover, there is also a range of attacks that can be launched in the different mode, and thus making it more difficult for the Intrusion Detection System (IDS) to detect them. Therefore, main approach in network security is to detect and remove malicious intrusions. In this paper three different techniques have been proposed for securing Wireless LAN, WSNs and MANETs.

Download Full-text

Reduct ECOC Framework for Network Intrusion Detection System

International Journal of Engineering and Advanced Technology - Regular Issue ◽

10.35940/ijeat.b4238.029320 ◽

2020 ◽

Vol 9 (3) ◽

pp. 258-266

Keyword(s):

Intrusion Detection ◽

Intrusion Detection System ◽

Detection System ◽

Class Imbalance ◽

Classification Problem ◽

Network Intrusion ◽

Wide Range ◽

Multi Class Classification ◽

Network Technologies ◽

Better Than

Now a day’s network security is major concern for e-government and e-commerce applications. A wide range of malicious activities are increasing with the usage of internet and network technologies. Identifying novel threats and finding modern solutions for network to prevent from these threats are important. Designing an effective intrusion detection system is significant to continuously look out the network activities to efficiently thwart malicious attacks or to identify the intruders. To tackle multi class imbalance classification problem in networks, a reduct based ECOC ensemble framework for NIDS is proposed to efficiently identify attacks in a multi class scenario. The Reduct-ECOC classifier is validated on highly imbalanced benchmark NSL-KDD intrusion datasets as well as other UCI-ML datasets. The experimental results on eight highly imbalanced datasets show that Reduct-ECOC classifier performs better than many other state-of-art multi-class classification ECOC learning methods.

Download Full-text

An Application and Performance Evaluation of Twin Extreme Learning Machine Classifier for Intrusion Detection

International Journal of Innovative Technology and Exploring Engineering - Special Issue ◽

10.35940/ijitee.h6821.078919 ◽

2019 ◽

Vol 8 (9) ◽

pp. 219-222

Keyword(s):

Intrusion Detection ◽

Extreme Learning Machine ◽

Intrusion Detection System ◽

Detection System ◽

Twin Support Vector Machine ◽

Support Vector ◽

Detection Techniques ◽

Learning Machines ◽

And Performance ◽

Learning Machine

Network along with Security is most significant in the digitalized environment. It is necessary to secure data from hackers and intruders. A strategy involved in protection of information from hackers will be termed as Intrusion Detection System (IDS).By taking into nature of attack or the usual conduct of user, investigation along with forecasting activities of the clients will be performed by mentioned system.Variousstrategies are utilized for the intrusion detection system. For the purpose of identification of hacking activity, utilization of machine learning based approach might be considered as novel strategy.In this paper, for identification of the hacking activity will be carried out by Twin Extreme Learning Machines (TELM).Employing the concept of Twin Support Vector Machine with the fundamental structure of Extreme Learning Machine is considered in the establishment of Twin Extreme Learning Machine (TELM).Also, its performance and accuracy are compared with the other intrusion detection techniques

Download Full-text

A Performance Comparison and Enhancement of Animal Species Detection in Images with Various R-CNN Models

AI ◽

10.3390/ai2040034 ◽

2021 ◽

Vol 2 (4) ◽

pp. 552-577

Author(s):

Mai Ibraheam ◽

Kin Fun Li ◽

Fayez Gebali ◽

Leonard E. Sielecki

Keyword(s):

Object Detection ◽

Network Architecture ◽

Animal Species ◽

Detection System ◽

Real Life ◽

Medical Diagnostics ◽

Performance Comparison ◽

Species Detection ◽

Detection Techniques ◽

Wide Range

Object detection is one of the vital and challenging tasks of computer vision. It supports a wide range of applications in real life, such as surveillance, shipping, and medical diagnostics. Object detection techniques aim to detect objects of certain target classes in a given image and assign each object to a corresponding class label. These techniques proceed differently in network architecture, training strategy and optimization function. In this paper, we focus on animal species detection as an initial step to mitigate the negative impacts of wildlife–human and wildlife–vehicle encounters in remote wilderness regions and on highways. Our goal is to provide a summary of object detection techniques based on R-CNN models, and to enhance the performance of detecting animal species in accuracy and speed, by using four different R-CNN models and a deformable convolutional neural network. Each model is applied on three wildlife datasets, results are compared and analyzed by using four evaluation metrics. Based on the evaluation, an animal species detection system is proposed.

Download Full-text

Intrusion Detection System on Big data using Deep Learning Techniques

International Journal of Innovative Technology and Exploring Engineering - Special Issue ◽

10.35940/ijitee.d2011.029420 ◽

2020 ◽

Vol 9 (4) ◽

pp. 3242-3247

Keyword(s):

Big Data ◽

Deep Learning ◽

Intrusion Detection ◽

Intrusion Detection System ◽

Detection System ◽

False Positive Rate ◽

Gradient Boosting ◽

Detection Techniques ◽

Ensemble Techniques ◽

Reliable Classification

Big data is the huge amount of data with different types of V’s: Velocity, Variety as well as Volume. It can be semi-structured, unstructured or structured, due to which it is not easy to analyze the data. To extract the hidden knowledge and to detect the attacks on large amount of data new architecture, techniques, algorithms, and analytics are required. Using traditional techniques to detect attacks is very difficult. In this paper, the detailed review has been done on intrusion detection on various fields using deep learning and gives an idea of applications of deep learning. The number of attacks has been increased in computer networks. A powerful Intrusion Detection System (IDS) is required to ensure the security of a network. Based on review, it is found that some studies have been done in this field, but a deep and exhaustive work has still not been done. Many researchers proposed an IDS using deep learning for unforeseen and unpredictable attacks but not for Big Data. The proposed work is based on Deep learning based intrusion detection System for big datasets named hybrid-DeepResNet-RNN run till 1,000 epochs with learning rate varying range [0.01-0.5] and three ensemble techniques, Random Forest, Decision tree regression and Gradient Boosting Tree (GBT). It is used to develop the hybrid, secure, scalable NIDS which is based on deep learning and big data techniques. The proposed classifiers produce a more reliable classification than a single classifier. The experimental results are in terms of detection rate (98.86%), false positive rate (1.110%), accuracy (99.34%) and F-Measure (97.90%). The results illuminate the better performance than existing anomaly detection techniques in the big data environment.

Download Full-text