Multiple intrusion detection in RPL based networks

<span lang="EN-US">Routing Protocol for Low Power and Lossy Networks based networks consists of large number of tiny sensor nodes with limited resources. These nodes are directly connected to the Internet through the border router. Hence these nodes are susceptible to different types of attacks. The possible attacks are rank attack, selective forwarding, worm hole and Denial of service attack. These attacks can be effectively identified by intrusion detection system model. The paper focuses on identification of multiple intrusions by considering the network size as 10, 40 and 100 nodes and adding 10%, 20% and 30% of malicious nodes to the considered network. Experiments are simulated using Cooja simulator on Contiki operating system. Behavior of the network is observed based on the percentage of inconsistency achieved, energy consumption, accuracy and false positive rate. Experimental results show that multiple intrusions can be detected effectively by machine learning techniques.</span>

Download Full-text

A New Neural Network-Based Intrusion Detection System for Detecting Malicious Nodes in WSNs

Journal of Computational Science and Intelligent Technologies ◽

10.53409/mnaa.jcsit20201301 ◽

2020 ◽

Vol 1 (3) ◽

pp. 1-8

Author(s):

Narmatha C ◽

Keyword(s):

Neural Network ◽

Intrusion Detection ◽

Key Management ◽

Intrusion Detection System ◽

Detection System ◽

Denial Of Service ◽

Fuzzy Rule ◽

Sensor Nodes ◽

Abnormal Behavior ◽

Malicious Nodes

The Wireless Sensor Networks (WSNs) are vulnerable to numerous security hazards that could affect the entire network performance, which could lead to catastrophic problems such as a denial of service attacks (DoS). The WSNs cannot protect these types of attacks by key management protocols, authentication protocols, and protected routing. A solution to this issue is the intrusion detection system (IDS). It evaluates the network with adequate data obtained and detects the sensor node(s) abnormal behavior. For this work, it is proposed to use the intrusion detection system (IDS), which recognizes automated attacks by WSNs. This IDS uses an improved LEACH protocol cluster-based architecture designed to reduce the energy consumption of the sensor nodes. In combination with the Multilayer Perceptron Neural Network, which includes the Feed Forward Neutral Network (FFNN) and the Backpropagation Neural Network (BPNN), IDS is based on fuzzy rule-set anomaly and abuse detection based learning methods based on the fugitive logic sensor to monitor hello, wormhole and SYBIL attacks.

Download Full-text

Application of Deep Learning Technique in an Intrusion Detection System

International Journal of Computational Intelligence and Applications ◽

10.1142/s1469026820500169 ◽

2020 ◽

Vol 19 (02) ◽

pp. 2050016

Author(s):

Shideh Saraeian ◽

Mahya Mohammadi Golchi

Keyword(s):

Deep Learning ◽

Intrusion Detection ◽

Intrusion Detection System ◽

Visual Analysis ◽

Detection System ◽

Denial Of Service ◽

Attack Detection ◽

Hybrid Network ◽

Machine Learning Techniques ◽

Learning Technique

Comprehensive development of computer networks causes the increment of Distributed Denial of Service (DDoS) attacks. These types of attacks can easily restrict communication and computing. Among all the previous researches, the accuracy of the attack detection has not been properly addressed. In this study, deep learning technique is used in a hybrid network-based Intrusion Detection System (IDS) to detect intrusion on network. The performance of the proposed technique is evaluated on the NSL-KDD and ISCXIDS 2012 datasets. We performed traffic visual analysis using Wireshark tool and did some experimentations to prove the superiority of the proposed method. The results have shown that our proposed method achieved higher accuracy in comparison with other useful machine learning techniques.

Download Full-text

Anomaly Detection in Wireless Sensor Networks: A Proposed Framework

International Journal of Interactive Mobile Technologies (iJIM) ◽

10.3991/ijim.v14i10.14261 ◽

2020 ◽

Vol 14 (10) ◽

pp. 150

Author(s):

Dina M. Ibrahim ◽

Nada M. Alruhaily

Keyword(s):

Wireless Sensor Networks ◽

Sensor Networks ◽

Intrusion Detection ◽

Detection System ◽

Denial Of Service ◽

Research Problem ◽

Sensor Nodes ◽

Base Stations ◽

Sensor Data ◽

Wireless Sensor

With the rise of IOT devices and the systems connected to the internet, there was, accordingly, an ever-increasing number of network attacks (e.g. in DOS, DDOS attacks). A very significant research problem related to identifying Wireless Sensor Networks (WSN) attacks and the analysis of the sensor data is the detection of the relevant anomalies. In this paper, we propose a framework for intrusion detection system in WSN. The first two levels are located inside the WSN, one of them is between sensor nodes and the second is between the cluster heads. While the third level located on the cloud, and represented by the base stations. In the first level, which we called light mode, we simulated an intrusion traffic by generating data packets based on TCPDUMP data, which contain intrusion packets, our work, is done by using WSN technology. We used OPNET simulation for generating the traffic because it allows us to collect intrusion detection data in order to measure the network performance and efficiency of the simulated network scenarios. Finally, we report the experimental results by mimicking a Denial-of-Service (DOS) attack. <em> </em>

Download Full-text

Weighted K Nearest Neighbour-Based Cooperation Intrusion Detection System for Wireless Sensor Networks

Applied Mechanics and Materials ◽

10.4028/www.scientific.net/amm.263-266.2972 ◽

2012 ◽

Vol 263-266 ◽

pp. 2972-2978

Author(s):

Ju Long Pan ◽

Ling Long Hu ◽

Wen Jin Li ◽

Hui Cui ◽

Zi Yin Li

Keyword(s):

Wireless Sensor Networks ◽

Intrusion Detection ◽

Intrusion Detection System ◽

Detection Rate ◽

Detection System ◽

Sensor Nodes ◽

Wireless Sensor ◽

Nearest Neighbour ◽

Malicious Nodes ◽

Detection Scheme

To identify the malicious nodes timely in wireless sensor networks(WSNs), a cooperation intrusion detection scheme based on weighted k Nearest Neighbour(kNN) is proposed. Given a few types of sensor nodes, the test model extracts the properties of sensor nodes related with the known types of malicious nodes, and establishes sample spaces of all sensor nodes which participate in network activities. According to the known node’s attributes sampled, the unknown type sensor nodes are classified based on weighted kNN. Considering of energy consumption, an intrusion detection system selection algorithm is joined in the sink node. Simulation results show that the scheme has a lower false detection rate and a higher detection rate at the same time, and it can preserve energy of detection nodes compared with an existing intrusion detection scheme.

Download Full-text

Anomaly Detection in Distributed Denial of Service Attack using Map Reduce Improvised Counter Based Algorithm in Hadoop

International Journal of Recent Technology and Engineering - 2 ◽

10.35940/ijrte.d8431.118419 ◽

2019 ◽

Vol 8 (4) ◽

pp. 4668-4671

Keyword(s):

Intrusion Detection ◽

Anomaly Detection ◽

Network Traffic ◽

Intrusion Detection System ◽

Detection System ◽

Denial Of Service ◽

Map Reduce ◽

Distributed Denial Of Service ◽

Unusual Pattern ◽

Denial Of Service Attack

A Distributed denial of Service attacks(DDoS) is one of the major threats in the cyber network and it attacks the computers flooded with the Users Data Gram packet. These types of attacks causes major problem in the network in the form of crashing the system with large volume of traffic to attack the victim and make the victim idle in which not responding the requests. To detect this DDOS attack traditional intrusion detection system is not suitable to handle huge volume of data. Hadoop is a frame work which handles huge volume of data and is used to process the data to find any malicious activity in the data. In this research paper anomaly detection technique is implemented in Map Reduce Algorithm which detects the unusual pattern of data in the network traffic. To design a proposed model, Map Reduce platform is used to hold the improvised algorithm which detects the (DDoS) attacks by filtering and sorting the network traffic and detects the unusual pattern from the network. Improvised Map reduce algorithm is implemented with Map Reduce functionalities at the stage of verifying the network IPS. This Proposed algorithm focuses on the UDP flooding attack using Anomaly based Intrusion detection system technique which detects kind of pattern and flow of packets in the node is more than the threshold and also identifies the source code causing UDP Flood Attack.

Download Full-text

An Intrusion Detection System for Detecting Denial-of-Service Attack in Cloud Using Artificial Bee Colony

Proceedings of the International Congress on Information and Communication Technology - Advances in Intelligent Systems and Computing ◽

10.1007/978-981-10-0767-5_16 ◽

2016 ◽

pp. 137-145 ◽

Cited By ~ 5

Author(s):

Shalki Sharma ◽

Anshul Gupta ◽

Sanjay Agrawal

Keyword(s):

Intrusion Detection ◽

Intrusion Detection System ◽

Artificial Bee Colony ◽

Detection System ◽

Denial Of Service ◽

Denial Of Service Attack ◽

Bee Colony ◽

Service Attack

Download Full-text

A Machine Learning Based Intrusion Detection System for Mobile Internet of Things

Sensors ◽

10.3390/s20020461 ◽

2020 ◽

Vol 20 (2) ◽

pp. 461 ◽

Cited By ~ 7

Author(s):

Amar Amouri ◽

Vishwa T. Alaparthy ◽

Salvatore D. Morgera

Keyword(s):

Internet Of Things ◽

Intrusion Detection ◽

Intrusion Detection System ◽

Detection System ◽

Power Level ◽

Denial Of Service ◽

Mobile Internet ◽

Malicious Nodes ◽

Detection Rates ◽

Super Node

Intrusion detection systems plays a pivotal role in detecting malicious activities that denigrate the performance of the network. Mobile adhoc networks (MANETs) and wireless sensor networks (WSNs) are a form of wireless network that can transfer data without any need of infrastructure for their operation. A more novel paradigm of networking, namely Internet of Things (IoT) has emerged recently which can be considered as a superset to the afore mentioned paradigms. Their distributed nature and the limited resources available, present a considerable challenge for providing security to these networks. The need for an intrusion detection system (IDS) that can acclimate with such challenges is of extreme significance. Previously, we proposed a cross layer-based IDS with two layers of detection. It uses a heuristic approach which is based on the variability of the correctly classified instances (CCIs), which we refer to as the accumulated measure of fluctuation (AMoF). The current, proposed IDS is composed of two stages; stage one collects data through dedicated sniffers (DSs) and generates the CCI which is sent in a periodic fashion to the super node (SN), and in stage two the SN performs the linear regression process for the collected CCIs from different DSs in order to differentiate the benign from the malicious nodes. In this work, the detection characterization is presented for different extreme scenarios in the network, pertaining to the power level and node velocity for two different mobility models: Random way point (RWP), and Gauss Markov (GM). Malicious activity used in the work are the blackhole and the distributed denial of service (DDoS) attacks. Detection rates are in excess of 98% for high power/node velocity scenarios while they drop to around 90% for low power/node velocity scenarios.

Download Full-text

Anomaly Detection in Distributed Denial of Service Attack using Map Reduce Improvised counter-based algorithm in Hadoop

International Journal of Engineering & Technology ◽

10.14419/ijet.v7i4.36.23811 ◽

2018 ◽

Vol 7 (4.36) ◽

pp. 390

Author(s):

Y. S.Kalai vani ◽

Dr. P.Ranjana

Keyword(s):

Intrusion Detection ◽

Large Volume ◽

Detection System ◽

Denial Of Service ◽

Detection Algorithm ◽

Map Reduce ◽

Distributed Denial Of Service ◽

Huge Amount ◽

Denial Of Service Attack ◽

Flooding Attacks

A Distributed Denial of Service (DDOS) is one of the major threats in the cyber network and it causes the computers flooded with the Users Datagram Packet (UDP).This type of attack crashes the victim with large volume of traffic and the victim is not capable of performing normal communication and crashes it completely. To handle this DDOS attack the normal Intrusion Detection System is not suitable to hold and find the amount of the data in the network. Hadoop is a frame work that allows huge amount of data and it is used to processes the huge amount of data. A Map reduce program comprises of a Map task that performs filtering and sorting and a Reduce task that performs summary operation. The propose work focuses on the detection algorithm based on Map Reduce platform which uses the Improvised counter based (MRICB) algorithm to detect the DDOS flooding attacks. The MRICB algorithm is implemented with Map Reduce functionalities at the stage of verifying the Network IPS. This proposed algorithm also focuses on the UDP flooding attack using anomaly based intrusion detection technique that identifies the kind of packets and the flow of packet in the node is more that the set threshold and also identifies the source code causing UDP Flood attack . Thus it ensures the normal communication with large volume of traffic.

Download Full-text