Anonymization of Network Traces Data through Condensation-based Differential Privacy

Network traces are considered a primary source of information to researchers, who use them to investigate research problems such as identifying user behavior, analyzing network hierarchy, maintaining network security, classifying packet flows, and much more. However, most organizations are reluctant to share their data with a third party or the public due to privacy concerns. Therefore, data anonymization prior to sharing becomes a convenient solution to both organizations and researchers. Although several anonymization algorithms are available, few of them allow sufficient privacy (organization need), acceptable data utility (researcher need), and efficient data analysis at the same time. This article introduces a condensation-based differential privacy anonymization approach that achieves an improved tradeoff between privacy and utility compared to existing techniques and produces anonymized network trace data that can be shared publicly without lowering its utility value. Our solution also does not incur extra computation overhead for the data analyzer. A prototype system has been implemented, and experiments have shown that the proposed approach preserves privacy and allows data analysis without revealing the original data even when injection attacks are launched against it. When anonymized datasets are given as input to graph-based intrusion detection techniques, they yield almost identical intrusion detection rates as the original datasets with only a negligible impact.

Download Full-text

Intrusion Detection Systems

International Journal of Recent Technology and Engineering - 2 ◽

10.35940/ijrte.b1540.0982s1119 ◽

2019 ◽

Vol 8 (2S11) ◽

pp. 3976-3983

Keyword(s):

Intrusion Detection ◽

Intrusion Detection System ◽

Detection System ◽

Intrusion Detection Systems ◽

Detection Rates ◽

Detailed Review ◽

Detection Techniques ◽

Detection Systems ◽

Research Gap ◽

Detection Schemes

Intrusion Detection System is competent to detect the intrusions and alerting the administrator of system about the signs of possible intrusions. This paper presents a detailed review of the intrusion detection techniques used in WSNs. More specifically, the existing methods for blackhole and sinkhole attacks detection are reviewed. However, it is noted that most intrusion detection schemes proposed in the literature are either inefficient or have low detection rates/high false positive rates. This survey also highlights the research gap in this domain and provides better scope for the advanced work.

Download Full-text

Intrusion Detection Systems: A Review

Restaurant Business ◽

10.26643/rb.v118i6.7239 ◽

2019 ◽

Vol 118 (6) ◽

pp. 60-79

Author(s):

Ashwini V. Jatti ◽

V. J. K. Kishor Sonti

Keyword(s):

Intrusion Detection ◽

Intrusion Detection System ◽

Detection System ◽

Intrusion Detection Systems ◽

Detection Rates ◽

Detailed Review ◽

Detection Techniques ◽

Detection Systems ◽

Research Gap ◽

Detection Schemes

Download Full-text

Intrusion Detection Systems: A Review

Restaurant Business ◽

10.26643/rb.v118i7.7246 ◽

2019 ◽

Vol 118 (7) ◽

pp. 50-58

Author(s):

Ashwini V. Jatti ◽

V. J. K. Kishor Sonti

Keyword(s):

Intrusion Detection ◽

Intrusion Detection System ◽

Detection System ◽

Intrusion Detection Systems ◽

Detection Rates ◽

Detailed Review ◽

Detection Techniques ◽

Detection Systems ◽

Research Gap ◽

Detection Schemes

Download Full-text

DE-IDENTIFICATION TECHNIQUE FOR IOT WIRELESS SENSOR NETWORK PRIVACY PROTECTION

Jurnal Ilmu Komputer dan Informasi ◽

10.21609/jiki.v10i1.440 ◽

2017 ◽

Vol 10 (1) ◽

pp. 1

Author(s):

Yennun Huang ◽

Szu-Chuang Li ◽

Bo-Chen Tai ◽

Chieh-Ming Chang ◽

Dmitrii I. Kaplun ◽

...

Keyword(s):

Data Analysis ◽

Privacy Protection ◽

Differential Privacy ◽

Third Party ◽

Wireless Sensor ◽

The Public ◽

Privacy Leakage ◽

Data Owner ◽

Identification Technique ◽

Iot Devices

As the IoT ecosystem becoming more and more mature, hardware and software vendors are trying create new value by connecting all kinds of devices together via IoT. IoT devices are usually equipped with sensors to collect data, and the data collected are transmitted over the air via different kinds of wireless connection. To extract the value of the data collected, the data owner may choose to seek for third-party help on data analysis, or even of the data to the public for more insight. In this scenario it is important to protect the released data from privacy leakage. Here we propose that differential privacy, as a de-identification technique, can be a useful approach to add privacy protection to the data released, as well as to prevent the collected from intercepted and decoded during over-the-air transmission. A way to increase the accuracy of the count queries performed on the edge cases in a synthetic database is also presented in this research.

Download Full-text

A Universal High-Performance Correlation Analysis Detection Model and Algorithm for Network Intrusion Detection System

Mathematical Problems in Engineering ◽

10.1155/2017/8439706 ◽

2017 ◽

Vol 2017 ◽

pp. 1-9 ◽

Cited By ~ 1

Author(s):

Hongliang Zhu ◽

Wenhan Liu ◽

Maohua Sun ◽

Yang Xin

Keyword(s):

Intrusion Detection ◽

Correlation Analysis ◽

Intrusion Detection System ◽

High Performance ◽

Detection System ◽

Transition Diagram ◽

Detection Rates ◽

Detection Techniques ◽

Detection Model ◽

Network Intrusion

In big data era, the single detection techniques have already not met the demand of complex network attacks and advanced persistent threats, but there is no uniform standard to make different correlation analysis detection be performed efficiently and accurately. In this paper, we put forward a universal correlation analysis detection model and algorithm by introducing state transition diagram. Based on analyzing and comparing the current correlation detection modes, we formalize the correlation patterns and propose a framework according to data packet timing and behavior qualities and then design a new universal algorithm to implement the method. Finally, experiment, which sets up a lightweight intrusion detection system using KDD1999 dataset, shows that the correlation detection model and algorithm can improve the performance and guarantee high detection rates.

Download Full-text

Enhanced intrusion detection techniques for mobile ad hoc networks

IET-UK International Conference on Information and Communication Technology in Electrical Sciences (ICTES 2007) ◽

10.1049/ic:20070757 ◽

2007 ◽

Cited By ~ 4

Author(s):

L.P. Rajeswari ◽

R.A.X. Annie ◽

A. Kannan

Keyword(s):

Intrusion Detection ◽

Ad Hoc Networks ◽

Mobile Ad Hoc Networks ◽

Ad Hoc ◽

Detection Techniques ◽

Mobile Ad Hoc ◽

Hoc Networks

Download Full-text

An IoT-Focused Intrusion Detection System Approach Based on Preprocessing Characterization for Cybersecurity Datasets

Sensors ◽

10.3390/s21020656 ◽

2021 ◽

Vol 21 (2) ◽

pp. 656

Author(s):

Xavier Larriva-Novo ◽

Víctor A. Villagrá ◽

Mario Vega-Barbas ◽

Diego Rivera ◽

Mario Sanz Rodrigo

Keyword(s):

Machine Learning ◽

Intrusion Detection ◽

High Performance ◽

Learning Algorithm ◽

Detection System ◽

Machine Learning Algorithms ◽

Statistical Characteristics ◽

Detection Techniques ◽

Traffic Characteristics ◽

Benchmark Datasets

Security in IoT networks is currently mandatory, due to the high amount of data that has to be handled. These systems are vulnerable to several cybersecurity attacks, which are increasing in number and sophistication. Due to this reason, new intrusion detection techniques have to be developed, being as accurate as possible for these scenarios. Intrusion detection systems based on machine learning algorithms have already shown a high performance in terms of accuracy. This research proposes the study and evaluation of several preprocessing techniques based on traffic categorization for a machine learning neural network algorithm. This research uses for its evaluation two benchmark datasets, namely UGR16 and the UNSW-NB15, and one of the most used datasets, KDD99. The preprocessing techniques were evaluated in accordance with scalar and normalization functions. All of these preprocessing models were applied through different sets of characteristics based on a categorization composed by four groups of features: basic connection features, content characteristics, statistical characteristics and finally, a group which is composed by traffic-based features and connection direction-based traffic characteristics. The objective of this research is to evaluate this categorization by using various data preprocessing techniques to obtain the most accurate model. Our proposal shows that, by applying the categorization of network traffic and several preprocessing techniques, the accuracy can be enhanced by up to 45%. The preprocessing of a specific group of characteristics allows for greater accuracy, allowing the machine learning algorithm to correctly classify these parameters related to possible attacks.

Download Full-text

A Comparative Study of AI-Based Intrusion Detection Techniques in Critical Infrastructures

ACM Transactions on Internet Technology ◽

10.1145/3406093 ◽

2021 ◽

Vol 21 (4) ◽

pp. 1-22

Author(s):

Safa Otoum ◽

Burak Kantarci ◽

Hussein Mouftah

Keyword(s):

Reinforcement Learning ◽

Intrusion Detection ◽

Comparative Study ◽

Performance Metrics ◽

Action Learning ◽

Smart Devices ◽

Critical Infrastructures ◽

State Action ◽

Detection Techniques ◽

Depth Analysis

Volunteer computing uses Internet-connected devices (laptops, PCs, smart devices, etc.), in which their owners volunteer them as storage and computing power resources, has become an essential mechanism for resource management in numerous applications. The growth of the volume and variety of data traffic on the Internet leads to concerns on the robustness of cyberphysical systems especially for critical infrastructures. Therefore, the implementation of an efficient Intrusion Detection System for gathering such sensory data has gained vital importance. In this article, we present a comparative study of Artificial Intelligence (AI)-driven intrusion detection systems for wirelessly connected sensors that track crucial applications. Specifically, we present an in-depth analysis of the use of machine learning, deep learning and reinforcement learning solutions to recognise intrusive behavior in the collected traffic. We evaluate the proposed mechanisms by using KDD’99 as real attack dataset in our simulations. Results present the performance metrics for three different IDSs, namely the Adaptively Supervised and Clustered Hybrid IDS (ASCH-IDS), Restricted Boltzmann Machine-based Clustered IDS (RBC-IDS), and Q-learning based IDS (Q-IDS), to detect malicious behaviors. We also present the performance of different reinforcement learning techniques such as State-Action-Reward-State-Action Learning (SARSA) and the Temporal Difference learning (TD). Through simulations, we show that Q-IDS performs with detection rate while SARSA-IDS and TD-IDS perform at the order of .

Download Full-text

Quantitative Coding of Negotiation Behavior

International Negotiation ◽

10.1163/1571806053498805 ◽

2004 ◽

Vol 9 (3) ◽

pp. 441-456 ◽

Cited By ~ 50

Author(s):

Laurie Weingart ◽

Philip Smith ◽

Mara Olekalns

Keyword(s):

Data Analysis ◽

Quantitative Data ◽

Primary Source ◽

Research Process ◽

Fundamental Step ◽

Coding Scheme ◽

Negotiation Behavior ◽

Negotiation Processes ◽

Shed Light

AbstractThe examination of negotiation processes is seen by many researchers as an insurmountable task largely because the required methods are unfamiliar and labor-intensive. In this article, we shed light on a fundamental step in studying negotiation processes, the quantitative coding of data. Relying on videotapes as the primary source of data, we review the steps required to extract usable quantitative data and the lessons we've learned in doing so in our own research. We review our experience working with one large negotiation dataset, Towers Market II, to illustrate two steps within the larger research process: developing a coding scheme and coding the data. We then go on to discuss some of the issues that need to be resolved before data analysis begins.

Download Full-text

A Design of an Integrated Cloud-based Intrusion Detection System with Third Party Cloud Service

Open Computer Science ◽

10.1515/comp-2020-0214 ◽

2021 ◽

Vol 11 (1) ◽

pp. 365-379

Author(s):

Wisam Elmasry ◽

Akhan Akbulut ◽

Abdul Halim Zaim

Keyword(s):

Intrusion Detection ◽

Intrusion Detection System ◽

Detection System ◽

Cloud Service ◽

Third Party ◽

Traffic Flows ◽

Cloud Environment ◽

System Service ◽

Reporting Service ◽

Bagging Ensemble

Abstract Although cloud computing is considered the most widespread technology nowadays, it still suffers from many challenges, especially related to its security. Due to the open and distributed nature of the cloud environment, this makes the cloud itself vulnerable to various attacks. In this paper, the design of a novel integrated Cloud-based Intrusion Detection System (CIDS) is proposed to immunise the cloud against any possible attacks. The proposed CIDS consists of five main modules to do the following actions: monitoring the network, capturing the traffic flows, extracting features, analyzing the flows, detecting intrusions, taking a reaction, and logging all activities. Furthermore an enhanced bagging ensemble system of three deep learning models is utilized to predict intrusions effectively. Moreover, a third-party Cloud-based Intrusion Detection System Service (CIDSS) is also exploited to control the proposed CIDS and provide the reporting service. Finally, it has been shown that the proposed approach overcomes all problems associated with attacks on the cloud raised in the literature.

Download Full-text