scholarly journals Intelligent Detection System Enabled Attack Probability Using Markov Chain in Aerial Networks

2021 ◽  
Vol 2021 ◽  
pp. 1-9
Author(s):  
Inam Ullah Khan ◽  
Asrin Abdollahi ◽  
Ryan Alturki ◽  
Mohammad Dahman Alshehri ◽  
Mohammed Abdulaziz Ikram ◽  
...  
Keyword(s):  
Markov Chain ◽  
Queue Length ◽  
Queuing Theory ◽  
Detection System ◽  
Denial Of Service ◽  
False Negative ◽  
Attack Detection ◽  
Industrial Control Systems ◽  
Flooding Attacks ◽  
Attack Probability

The Internet of Things (IoT) plays an important role to connect people, data, processes, and things. From linked supply chains to big data produced by a large number of IoT devices to industrial control systems where cybersecurity has become a critical problem in IoT-powered systems. Denial of Service (DoS), distributed denial of service (DDoS), and ping of death attacks are significant threats to flying networks. This paper presents an intrusion detection system (IDS) based on attack probability using the Markov chain to detect flooding attacks. While the paper includes buffer queue length by using queuing theory concept to evaluate the network safety. Also, the network scenario will change due to the dynamic nature of flying vehicles. Simulation describes the queue length when the ground station is under attack. The proposed IDS utilizes the optimal threshold to make a tradeoff between false positive and false negative states with Markov binomial and Markov chain distribution stochastic models. However, at each time slot, the results demonstrate maintaining queue length in normal mode with less packet loss and high attack detection.

Application of Deep Learning Technique in an Intrusion Detection System

2020 ◽  
Vol 19 (02) ◽  
pp. 2050016
Author(s):  
Shideh Saraeian ◽  
Mahya Mohammadi Golchi
Keyword(s):  
Deep Learning ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Visual Analysis ◽  
Detection System ◽  
Denial Of Service ◽  
Attack Detection ◽  
Hybrid Network ◽  
Machine Learning Techniques ◽  
Learning Technique

Comprehensive development of computer networks causes the increment of Distributed Denial of Service (DDoS) attacks. These types of attacks can easily restrict communication and computing. Among all the previous researches, the accuracy of the attack detection has not been properly addressed. In this study, deep learning technique is used in a hybrid network-based Intrusion Detection System (IDS) to detect intrusion on network. The performance of the proposed technique is evaluated on the NSL-KDD and ISCXIDS 2012 datasets. We performed traffic visual analysis using Wireshark tool and did some experimentations to prove the superiority of the proposed method. The results have shown that our proposed method achieved higher accuracy in comparison with other useful machine learning techniques.

scholarly journals DoS and DDoS Attack Detection Using Deep Learning and IDS

2020 ◽  
Vol 17 (4A) ◽  
pp. 655-661
Author(s):  
Mohammad Shurman ◽  
Rami Khrais ◽  
Abdulrahman Yateem
Keyword(s):  
Deep Learning ◽  
Short Term Memory ◽  
Detection System ◽  
Denial Of Service ◽  
Attack Detection ◽  
Target System ◽  
Online Systems ◽  
Ddos Attack ◽  
Long Short Term Memory ◽  
Ddos Attack Detection

In the recent years, Denial-of-Service (DoS) or Distributed Denial-of-Service (DDoS) attack has spread greatly and attackers make online systems unavailable to legitimate users by sending huge number of packets to the target system. In this paper, we proposed two methodologies to detect Distributed Reflection Denial of Service (DrDoS) attacks in IoT. The first methodology uses hybrid Intrusion Detection System (IDS) to detect IoT-DoS attack. The second methodology uses deep learning models, based on Long Short-Term Memory (LSTM) trained with latest dataset for such kinds of DrDoS. Our experimental results demonstrate that using the proposed methodologies can detect bad behaviour making the IoT network safe of Dos and DDoS attacks

scholarly journals Deep Learning Based Attack Detection in IIoT using Two-Level Intrusion Detection System

2021 ◽  
Author(s):  
Kathiroli Raja ◽  
Krithika Karthikeyan ◽  
Abilash B ◽  
Kapal Dev ◽  
Gunasekaran Raja
Keyword(s):  
Deep Learning ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Production Management ◽  
Detection System ◽  
Denial Of Service ◽  
Attack Detection ◽  
Sensitive Information ◽  
Smart Meters ◽  
Network Intrusion

Abstract The Industrial Internet of Things (IIoT), also known as Industry 4.0, has brought a revolution in the production and manufacturing sectors as it assists in the automation of production management and reduces the manual effort needed in auditing and managing the pieces of machinery. IoT-enabled industries, in general, use sensors, smart meters, and actuators. Most of the time, the data held by these devices is surpassingly sensitive and private. This information might be modified,
1
stolen, or even the devices may be subjected to a Denial of Service (DoS) attack. As a consequence, the product quality may deteriorate or sensitive information may be leaked. An Intrusion Detection System (IDS), implemented in the network layer of IIoT, can detect attacks, thereby protecting the data and devices. Despite substantial advancements in attack detection in IIoT, existing works fail to detect certain attacks obfuscated from detectors resulting in a low detection performance. To address the aforementioned issue, we propose a Deep Learning-based Two Level Network Intrusion Detection System (DLTL-NIDS) for IIoT environment, emphasizing challenging attacks. The attacks that attain low accuracy or low precision in level-1 detection are marked as challenging attacks. Experimental results show that the proposed model, when tested against TON IoT, figures out the challenging attacks well and achieves an accuracy of 99.97%, precision of 95.62%, recall of 99.5%, and F1-score of 99.65%. The proposed DL-TLNIDS, when compared with state-of-art models, achieves a decrease in false alarm rate to 2.34% (flagging normal traffic as an attack) in IIoT.

scholarly journals Detecting High and Low Intensity Distributed Denial of Service (DDoS) Attacks

2021 ◽  
Author(s):  
◽  
Abigail Koay
Keyword(s):  
Information Sharing ◽  
Detection System ◽  
Denial Of Service ◽  
Attack Detection ◽  
Traffic Classification ◽  
Distributed Denial Of Service ◽  
Ddos Attacks ◽  
Low Intensity ◽  
Ddos Attack ◽  
Ddos Attack Detection

<p>High and low-intensity attacks are two common Distributed Denial of Service (DDoS) attacks that disrupt Internet users and their daily operations. Detecting these attacks is important to ensure that communication, business operations, and education facilities can run smoothly. Many DDoS attack detection systems have been proposed in the past but still lack performance, scalability, and information sharing ability to detect both high and low-intensity DDoS attacks accurately and early. To combat these issues, this thesis studies the use of Software-Defined Networking technology, entropy-based features, and machine learning classifiers to develop three useful components, namely a good system architecture, a useful set of features, and an accurate and generalised traffic classification scheme. The findings from the experimental analysis and evaluation results of the three components provide important insights for researchers to improve the overall performance, scalability, and information sharing ability for building an accurate and early DDoS attack detection system.</p>

scholarly journals Design Of Intrusion Detection System For Dos Attack In 6lowpan And RPL Based IoT Network

2019 ◽  
Vol 8 (11) ◽  
pp. 3840-3844
Keyword(s):  
Intrusion Detection ◽  
Low Power ◽  
Intrusion Detection System ◽  
Detection System ◽  
Denial Of Service ◽  
Attack Detection ◽  
Area Network ◽  
Dos Attack ◽  
Resource Constrained ◽  
Ipv6 Protocol

Internet of Things (IoT) is a network spread globally and accommodates maximum things under it. All these things are connected globally using IPv6 protocol which satisfies the need of connecting maximum devices by supporting 2^128 addresses. Because of heavy-weight nature of IPv6 protocol, a compressed version of it known as IPv6 Low Power Personal Area Network (6LoWPAN) protocol is used for a resource-constrained network that communicates over low power and lossy links. In IoT, devices are resource-constrained in terms of low battery power, less processing power, less transceiver power, etc. Also these devices are directly connected to insecure internet hence it is very challenging to maintain security in IoT network. In this paper, we have discussed various attacks on 6LoWPAN and RPL network along with countermeasures to reduce the attacks. DoS attack is one of the severe attacks in IoT which has various patterns of execution. Out of various attacks we have designed Intrusion Detection System (IDS) for Denial of Service (DOS) attack detection using Contiki OS and Cooja simulator.

scholarly journals Smart Detection: An Online Approach for DoS/DDoS Attack Detection Using Machine Learning

2019 ◽  
Vol 2019 ◽  
pp. 1-15 ◽  
Author(s):  
Francisco Sales de Lima Filho ◽  
Frederico A. F. Silveira ◽  
Agostinho de Medeiros Brito Junior ◽  
Genoveva Vargas-Solar ◽  
Luiz F. Silveira
Keyword(s):  
Machine Learning ◽  
Network Traffic ◽  
Service Providers ◽  
Detection System ◽  
Denial Of Service ◽  
Sampling Rate ◽  
Attack Detection ◽  
Dos Attacks ◽  
Internet Service ◽  
Benchmark Datasets

Users and Internet service providers (ISPs) are constantly affected by denial-of-service (DoS) attacks. This cyber threat continues to grow even with the development of new protection technologies. Developing mechanisms to detect this threat is a current challenge in network security. This article presents a machine learning- (ML-) based DoS detection system. The proposed approach makes inferences based on signatures previously extracted from samples of network traffic. The experiments were performed using four modern benchmark datasets. The results show an online detection rate (DR) of attacks above 96%, with high precision (PREC) and low false alarm rate (FAR) using a sampling rate (SR) of 20% of network traffic.

scholarly journals Towards Detecting Flooding DDOS Attacks Over Software Defined Networks Using Machine Learning Techniques

2021 ◽  
Vol 11 (4) ◽  
pp. 3837-3865
Author(s):  
Ancy Sherin Jose ◽  
Latha R Nair ◽  
Varghese Paul
Keyword(s):  
Feature Selection ◽  
Denial Of Service ◽  
Attack Detection ◽  
Machine Learning Techniques ◽  
Ddos Attacks ◽  
Method Performance ◽  
Feature Sets ◽  
Flooding Attacks ◽  
Wide Range ◽  
Level Statistics

Distributed Denial of Service Attack (DDoS) has emerged as a major threat to cyber space. A DDoS attack aims at exhausting the resources of the victim causing financial and reputational damages to it. The availability of free software make launching of DDoS attacks easy. The difficulty in differentiating a DDoS traffic from a legitimate traffic burst such as a flash crowd makes DDoS difficult to be identified. A wide range of techniques have been used in conventional networks to detect and mitigate DDoS attacks. Though the advent of Software Defined Networking (SDN) makes a network easy to be managed even SDN is vulnerable to DDoS attacks. In this case, the controller of the SDN gets overloaded with the incoming packets from the switches. In fact, a solution based on security analytics can be put in place to ward off this threat as a proactive security measure using the flow level statistics available from the SDN. Compared to the packet analysis used in traditional networks which is resource expensive the flow level statistics is relatively inexpensive. This paper focuses on the design and implementation of an attack detection system for detecting the flooding DDoS attacks TCP SYN flooding attacks, HTTP request flooding attacks, UDP flooding attacks and ICMP flooding attacks over SDN network traffic. The system uses various classification algorithms to classify a traffic into normal or attack. The feature sets for classification were arrived at using a feature selection module with ANOVA (Analysis of Variance) F-Test statistical method. Performance evaluation of each of the classifiers was carried out for the three feature sets obtained from the feature selection module using various performance measures and the results have been tabulated. The feature set which gives the best performance in detecting malicious traffic has been identified.

scholarly journals Intrusion Detection System using Hybrid SVM-RF and SVM-DT in Wireless Sensor Networks

2019 ◽  
Vol 8 (2S8) ◽  
pp. 1926-1931
Keyword(s):  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Hybrid Algorithm ◽  
Detection Rate ◽  
Detection System ◽  
Denial Of Service ◽  
Attack Detection ◽  
Support Vector ◽  
Second Stage ◽  
Network Intrusion

Intrusion detection system (IDS) is one of the essential security mechanisms against attacks in WSN. Network intrusion detection system (NIDS) generally uses the classification techniques in order to obtain the best possible accuracy and attack detection rate. In this paper, Intrusion Detection System is designed which uses two-stage hybrid classification method. In the first stage it uses Support Vector Machine (SVM) as anomaly detection, and in the second stage it uses Random Forest (RF)/Decision Tree (DT) as misuse. The abnormal activities are detected in the first stage. These abnormal activities are further analyzed and the known attacks are identified in the second stage and are classified as Denial of Service (DoS) attack, Probe attack, Remote to Local (R2L) attack and User to Root (U2R) attack. Simulation results reveal that the proposed hybrid algorithm obtains better accuracy and detection rate than the single classifier namely, SVM, RF and DT algorithm. The experimental results also shows that hybrid algorithm can detect anomaly activity in a reliable way. Proposed technique uses the standard NSL KDD dataset to evaluate/calculate the performance of the proposed approach. Here the results show that the proposed Hybrid SVM-RF/DT IDS technique performs better in terms of detection rate, accuracy and recall than the existing SVM, RF and DT approaches.

Sign in / Sign up

Export Citation Format

Share Document