A Bayesian Rule Learning Based Intrusion Detection System for the MQTT Communication Protocol

2021 ◽  
Author(s):  
Qi Liu ◽  
Hubert B. Keller ◽  
Veit Hagenmeyer
Keyword(s):  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Communication Protocol ◽  
Detection System ◽  
Rule Learning

scholarly journals An Autoencoder-Based Network Intrusion Detection System for the SCADA System

2021 ◽  
pp. 210-216
Author(s):  
Mustafa Altaha ◽  
◽  
Jae-Myeong Lee ◽  
Muhammad Aslam ◽  
Sugwon Hong
Keyword(s):  
Deep Learning ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Communication Protocol ◽  
Detection System ◽  
Main Tool ◽  
Detection Model ◽  
Scada System ◽  
Network Intrusion ◽  
Power Substation

The intrusion detection system (IDS) is the main tool to do security monitoring that is one of the security strategies for the supervisory control and data acquisition (SCADA) system. In this paper, we develop an IDS based on the autoencoder deep learning model (AE-IDS) for the SCADA system. The target SCADA communication protocol of the detection model is the Distributed Network Protocol 3 (DNP3), which is currently the most commonly utilized communication protocol in the power substation. Cyberattacks that we consider are data injection or modification attacks, which are the most critical attacks in the SCADA systems. In this paper, we extracted 17 data features from DNP3 communication, and use them to train the autoencoder network. We measure accuracy and loss of detection and compare them with different supervised deep learning algorithms. The unsupervised AE-IDS model shows better performance than the other deep learning IDS models.

scholarly journals Compression Header Analyzer Intrusion Detection System (CHA - IDS) for 6LoWPAN Communication Protocol

IEEE Access ◽  
2018 ◽  
Vol 6 ◽  
pp. 16623-16638 ◽  
Author(s):  
Mohamad Nazrin Napiah ◽  
Mohd Yamani Idna Bin Idris ◽  
Roziana Ramli ◽  
Ismail Ahmedy
Keyword(s):  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Communication Protocol ◽  
Detection System

scholarly journals Provoking the Adversary by Detecting Eavesdropping and Jamming Attacks: A Game-Theoretical Framework

2018 ◽  
Vol 2018 ◽  
pp. 1-14 ◽  
Author(s):  
Ahmed Salem ◽  
Xuening Liao ◽  
Yulong Shen ◽  
Xiaohong Jiang
Keyword(s):  
Game Theory ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Communication Protocol ◽  
Time Slot ◽  
Detection System ◽  
Stochastic Game ◽  
Jamming Attacks ◽  
Game Value ◽  
Stochastic Game Theory

This paper investigates the secrecy and reliability of a communication where the user is assisting an Intrusion Detection System (IDS) in detecting the adversary’s attack. The adversary is assumed to be sophisticated such that it can conduct eavesdropping and jamming attacks. The IDS is equipped with the capability of detecting both of those attacks. Two scenarios were considered; the first scenario is that the user is trying to detect the adversary by assisting the IDS, and the second scenario is that the user is equipped with a silent time slot in its communication protocol besides assisting the IDS, in order to provoke the adversary into jamming the channel, thus detecting it with a higher probability. Interestingly, adding the capability of detecting eavesdropping attacks pushed the adversary into conducting jamming attacks much more, thus aiding in detecting the adversary earlier. All of that was modeled by means of stochastic game theory, in order to analyze and study the behavior and the interactions between the user and the adversary. Results show a major improvement in the first scenario by 188% and an improvement by 294% in the second scenario in the game value when the probability of detecting eavesdropping attacks was 0.3, which represents the payoff that the user gains in terms of secrecy and reliability.

scholarly journals Preventing MQTT Vulnerabilities Using IoT-Enabled Intrusion Detection System

Sensors ◽  
2022 ◽  
Vol 22 (2) ◽  
pp. 567
Author(s):  
Muhammad Husnain ◽  
Khizar Hayat ◽  
Enrico Cambiaso ◽  
Ubaid U. Fayyaz ◽  
Maurizio Mongelli ◽  
...  
Keyword(s):  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Communication Protocol ◽  
Detection System ◽  
Communication Technologies ◽  
Cyber Attacks ◽  
Iot Security ◽  
Iot Applications ◽  
Iot Devices ◽  
Main Component

The advancement in the domain of IoT accelerated the development of new communication technologies such as the Message Queuing Telemetry Transport (MQTT) protocol. Although MQTT servers/brokers are considered the main component of all MQTT-based IoT applications, their openness makes them vulnerable to potential cyber-attacks such as DoS, DDoS, or buffer overflow. As a result of this, an efficient intrusion detection system for MQTT-based applications is still a missing piece of the IoT security context. Unfortunately, existing IDSs do not provide IoT communication protocol support such as MQTT or CoAP to validate crafted or malformed packets for protecting the protocol implementation vulnerabilities of IoT devices. In this paper, we have designed and developed an MQTT parsing engine that can be integrated with network-based IDS as an initial layer for extensive checking against IoT protocol vulnerabilities and improper usage through a rigorous validation of packet fields during the packet-parsing stage. In addition, we evaluate the performance of the proposed solution across different reported vulnerabilities. The experimental results demonstrate the effectiveness of the proposed solution for detecting and preventing the exploitation of vulnerabilities on IoT protocols.

Sign in / Sign up

Export Citation Format

Share Document