scholarly journals The Anomaly- and Signature-Based IDS for Network Security Using Hybrid Inference Systems

2021 ◽  
Vol 2021 ◽  
pp. 1-10
Author(s):  
Sajad Einy ◽  
Cemil Oz ◽  
Yahya Dorostkar Navaei
Keyword(s):  
Intrusion Detection ◽  
Communication Networks ◽  
Web Applications ◽  
Intrusion Detection Systems ◽  
Detection Systems ◽  
Warning Messages ◽  
Network Intrusion ◽  
Main Challenge ◽  
The Neural Network ◽  
Inference Systems

With the expansion of communication in today’s world and the possibility of creating interactions between people through communication networks regardless of the distance dimension, the issue of creating security for the data and information exchanged has received much attention from researchers. Various methods have been proposed for this purpose; one of the most important methods is intrusion detection systems to quickly detect intrusions into the network and inform the manager or responsible people to carry out an operational set to reduce the amount of damage caused by these intruders. The main challenge of the proposed intrusion detection systems is the number of erroneous warning messages generated and the low percentage of accurate detection of intrusions in them. In this research, the Suricata IDS/IPS is deployed along with the NN model for the metaheuristic’s manual detection of malicious traffic in the targeted network. For the metaheuristic-based feature selection, the neural network, and the anomaly-based detection, the fuzzy logic is used in this research paper. The latest stable version of Kali Linux 2020.3 is used as an attacking system for web applications and different types of operating systems. The proposed method has achieved 96.111% accuracy for detecting network intrusion.

Network Intrusion Visualization with NIVA, an Intrusion Detection Visual and Haptic Analyzer

2003 ◽  
Vol 2 (2) ◽  
pp. 82-94 ◽  
Author(s):  
Craig Scott ◽  
Kofi Nyarko ◽  
Tanya Capers ◽  
Jumoke Ladeji-Osias
Keyword(s):  
Intrusion Detection ◽  
Communication Networks ◽  
Large Scale ◽  
Three Dimensional ◽  
Relevant Information ◽  
Gravitational Theory ◽  
Intrusion Detection Systems ◽  
Detection Systems ◽  
Network Intrusion ◽  
Visualization Techniques

The rapid growth of malicious activities on worldwide communication networks, such as the Internet, has highlighted the need for efficient intrusion detection systems. The efficiency of traditional intrusion detection systems is limited, in part, by their inability to relay effectively relevant information due to their lack of interactive/immersive technologies. In this paper, we explore several network visualization techniques geared toward intrusion detection on small- and large-scale networks. We also examine the use of haptics in network intrusion visualization. By incorporating concepts from electromagnetics, fluid dynamics, and gravitational theory, we show that haptic technologies can provide another dimension of information critical to the efficient visualization of network intrusion data. Furthermore, we explore the applicability of these visualization techniques in conjunction with commercial network intrusion detectors. Finally, we present a network intrusion visualization application with haptic integration, NIVA, which allows the analyst to interactively investigate as well as efficiently detect structured attacks across time and space using advanced interactive three-dimensional displays.

scholarly journals Launching Adversarial Attacks against Network Intrusion Detection Systems for IoT

2021 ◽  
Vol 1 (2) ◽  
pp. 252-273
Author(s):  
Pavlos Papadopoulos ◽  
Oliver Thornewill von Essen ◽  
Nikolaos Pitropakis ◽  
Christos Chrysoulas ◽  
Alexios Mylonas ◽  
...  
Keyword(s):  
Machine Learning ◽  
Intrusion Detection ◽  
Intrusion Detection Systems ◽  
Learning Models ◽  
Detection Systems ◽  
Network Intrusion ◽  
Robust Model ◽  
Significant Probability ◽  
Adversarial Examples ◽  
Attack Surface

As the internet continues to be populated with new devices and emerging technologies, the attack surface grows exponentially. Technology is shifting towards a profit-driven Internet of Things market where security is an afterthought. Traditional defending approaches are no longer sufficient to detect both known and unknown attacks to high accuracy. Machine learning intrusion detection systems have proven their success in identifying unknown attacks with high precision. Nevertheless, machine learning models are also vulnerable to attacks. Adversarial examples can be used to evaluate the robustness of a designed model before it is deployed. Further, using adversarial examples is critical to creating a robust model designed for an adversarial environment. Our work evaluates both traditional machine learning and deep learning models’ robustness using the Bot-IoT dataset. Our methodology included two main approaches. First, label poisoning, used to cause incorrect classification by the model. Second, the fast gradient sign method, used to evade detection measures. The experiments demonstrated that an attacker could manipulate or circumvent detection with significant probability.

scholarly journals THE LOAD BALANCING OF SELF-SIMILAR TRAFFIC IN NETWORK INTRUSION DETECTION SYSTEMS

2020 ◽  
Vol 3 (7) ◽  
pp. 17-30
Author(s):  
Tamara Radivilova ◽  
Lyudmyla Kirichenko ◽  
Maksym Tawalbeh ◽  
Petro Zinchenko ◽  
Vitalii Bulakh
Keyword(s):  
Load Balancing ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection System ◽  
Intrusion Detection Systems ◽  
Deep Packet Inspection ◽  
Detection Systems ◽  
Network Intrusion ◽  
Load Imbalance ◽  
Packet Inspection

The problem of load balancing in intrusion detection systems is considered in this paper. The analysis of existing problems of load balancing and modern methods of their solution are carried out. Types of intrusion detection systems and their description are given. A description of the intrusion detection system, its location, and the functioning of its elements in the computer system are provided. Comparative analysis of load balancing methods based on packet inspection and service time calculation is performed. An analysis of the causes of load imbalance in the intrusion detection system elements and the effects of load imbalance is also presented. A model of a network intrusion detection system based on packet signature analysis is presented. This paper describes the multifractal properties of traffic. Based on the analysis of intrusion detection systems, multifractal traffic properties and load balancing problem, the method of balancing is proposed, which is based on the funcsioning of the intrusion detection system elements and analysis of multifractal properties of incoming traffic. The proposed method takes into account the time of deep packet inspection required to compare a packet with signatures, which is calculated based on the calculation of the information flow multifractality degree. Load balancing rules are generated by the estimated average time of deep packet inspection and traffic multifractal parameters. This paper presents the simulation results of the proposed load balancing method compared to the standard method. It is shown that the load balancing method proposed in this paper provides for a uniform load distribution at the intrusion detection system elements. This allows for high speed and accuracy of intrusion detection with high-quality multifractal load balancing.

Sign in / Sign up

Export Citation Format

Share Document