Network attack detection and visual payload labeling technology based on Seq2Seq architecture with attention mechanism

2020 ◽  
Vol 16 (4) ◽  
pp. 155014772091701
Author(s):  
Fan Shi ◽  
Pengcheng Zhu ◽  
Xiangyu Zhou ◽  
Bintao Yuan ◽  
Yong Fang

In recent years, Internet of things (IoT) devices have been playing an important role in business, education, medicine, and other fields. The number of devices connected to the Internet is much greater than the world population. However, because of their accessibility, these devices may easily face all kinds of attacks from the Internet. As we all know, most attacks against IoT devices are based on Web applications, so protecting the security of Web services can effectively improve the situation of the IoT ecosystem. Conventional Web attack detection methods rely heavily on samples, and artificial intelligence detection results are uninterpretable. Hence, this article introduced a supervised detection algorithm based on benign samples. The Seq2Seq algorithm has been chosen and applied to detect malicious web requests. Meanwhile, the attention mechanism is introduced to label the attack payload and highlight abnormal characters. The results of experiments show that, on the premise of training on benign samples, the precision of the proposed model is 97.02%, and the recall is 97.60%. This shows that the model can detect Web attack requests effectively. At the same time, the model can label the attack payload visually and make the model “interpretable.”

2021 ◽  
Vol 11 (3) ◽  
pp. 7273-7278
Author(s):  
M. Anwer ◽  
M. U. Farooq ◽  
S. M. Khan ◽  
W. Waseemullah

Many researchers have examined the risks imposed by Internet of Things (IoT) devices on big companies and smart towns. Due to the high adoption of IoT devices, their character, inherent mobility, and standardization limitations, smart mechanisms capable of automatically detecting suspicious movement on IoT devices connected to local networks are needed. With the increase of IoT devices connected through the Internet, the capacity of web traffic has increased. Due to this change, attack detection through common methods and old data processing techniques is now obsolete. Detecting attacks in IoT and detecting malicious traffic in the early stages is a very challenging problem due to the increase in the size of network traffic. In this paper, a framework is recommended for the detection of malicious network traffic. The framework uses three popular classification-based malicious network traffic detection methods, namely Support Vector Machine (SVM), Gradient Boosted Decision Trees (GBDT), and Random Forest (RF), with the RF supervised machine learning algorithm achieving far better accuracy (85.34%). The NSL KDD dataset was used in the recommended framework, and the performances in terms of training, predicting time, specificity, and accuracy were compared.


Author(s):  
J. Vijaya Sagar Reddy ◽  
G. Ramesh

Web applications are the most widely used software on the Internet. When a web application is developed and deployed in the real environment, it is very serious if any bug is found by the attacker, the customer, or the owner of the web application. It is very important to do proper pre-analysis testing before the release. It is very costly if proper testing of the web application is not done at the development location and a bug is found at the customer location. For web application testing, existing systems such as DART, Cute and EXE are available. These tools generate test cases by executing the web application on concrete user inputs. These tools are best suited to testing static web sites and are not suitable for dynamic web applications. The existing systems need user inputs for generating the test cases. It is very difficult for a human being to provide dynamic inputs for all the possible cases. This paper presents algorithms and implementation, and an experimental evaluation that revealed HTML Failures, Execution Failures, Includes in PHP Web applications.


2015 ◽  
Vol 1083 ◽  
pp. 148-154
Author(s):  
Wei Zhou ◽  
Fei Xie ◽  
Yi Fan Zhu ◽  
Qun Li ◽  
Wang Xun Zhang

The feature of deception jamming for GNSS-dot networks is researched and analyzed. Because it is difficult to accurately locate and correct the interference position by using the interference detection methods of the traditional WSN, a new attack detection algorithm based on an improved angle of arrival (AOA) positioning mechanism to determine the point of disruption and interference correction is proposed. Next, the algorithm of a single interference source localization based on the hyperbolic method, using the anti-jamming principle of the GNSS, is researched and given, and it can locate both single and multiple interference sources. Then the indicators and methods of performance evaluation for the GNSS-dot networks are proposed. Finally, an experiment based on the algorithm is realized: the attack detection and correction is very efficient, interference location under ideal conditions has higher efficiency, and the strategies of anti-deception jamming are also identified.


2021 ◽  
Vol 2021 ◽  
pp. 1-8
Author(s):  
Lixin Wang ◽  
Jianhua Yang ◽  
Michael Workman ◽  
Peng-Jun Wan

Hackers on the Internet usually send attacking packets using compromised hosts, called stepping-stones, in order to avoid being detected and caught. With stepping-stone attacks, an intruder remotely logs in to these stepping-stones using programs like SSH or telnet, uses a chain of Internet hosts as relay machines, and then sends the attacking packets. A great number of detection approaches have been developed for stepping-stone intrusion (SSI) in the literature. Many of these existing detection methods worked effectively only when session manipulation by intruders is not present. When the session is manipulated by attackers, there are few known effective detection methods for SSI. It is important to know whether a detection algorithm for SSI is resistant to session manipulation by attackers. For session manipulation with chaff perturbation, software tools such as Scapy can be used to inject meaningless packets into a data stream. However, to the best of our knowledge, there are no existing effective tools or efficient algorithms to produce time-jittered network traffic that can be used to test whether an SSI detection method is resistant to intruders’ time-jittering manipulation. In this paper, we propose a framework to test the resistance of detection algorithms for SSI to time-jittering manipulation. Our proposed framework can be used to test whether an existing or new SSI detection method is resistant to session manipulation by intruders with time-jittering.


Sensors ◽  
2021 ◽  
Vol 21 (15) ◽  
pp. 5047
Author(s):  
Haomin Wang ◽  
Wei Li

Software-defined networking (SDN) has emerged in recent years as a form of Internet architecture. Its scalability, dynamics, and programmability simplify the traditional Internet structure. This architecture realizes centralized management by separating the control plane and the data-forwarding plane of the network. However, due to this feature, SDN is more vulnerable to attacks than traditional networks and can cause the entire network to collapse. DDoS attacks, also known as distributed denial-of-service attacks, are the most aggressive of all attacks. These attacks generate many packets (or requests) and ultimately overwhelm the target system, causing it to crash. In this article, we designed a hybrid neural network DDosTC structure, combining efficient and scalable transformers and a convolutional neural network (CNN) to detect distributed denial-of-service (DDoS) attacks on SDN, tested on the latest dataset, CICDDoS2019. For better verification, several experiments were conducted by dividing the dataset and comparisons were made with the latest deep learning detection algorithm applied in the field of DDoS intrusion detection. The experimental results show that the average AUC of DDosTC is 2.52% higher than the current optimal model and that DDosTC is more successful than the current optimal model in terms of average accuracy, average recall, and F1 score.


Author(s):  
Jalindar Karande ◽  
Sarang Joshi

The internet of things (IoT) is used in domestic, industrial as well as mission-critical systems including homes, transports, power plants, industrial manufacturing and health-care applications. Security of the data generated by such systems and of the IoT systems themselves is very critical in such applications. Early detection of any attack targeting an IoT system is necessary to minimize the damage. This paper reviews security attack detection methods for IoT infrastructure presented in the state-of-the-art. One of the major entry points for attacks in an IoT system is topology exploitation. This paper proposes a distributed algorithm for early detection of such attacks with the help of predictive descriptor tables. This paper also presents feature selection from topology control packet fields. The performance of the proposed algorithm is evaluated using an extensive simulation carried out in OMNeT++. Performance parameters include accuracy and time required for detection. Simulation results presented in this paper show that the proposed algorithm is effective in detecting attacks ahead in time.


2021 ◽  
Vol 2021 ◽  
pp. 1-9
Author(s):  
Ao Xiong ◽  
Hongkang Tian ◽  
Wenchen He ◽  
Jie Zhang ◽  
Huiping Meng ◽  
...  

This paper proposes a smart grid distributed security architecture based on blockchain technology and SDN cluster structure, referred to as ClusterBlock model, which combines the advantages of two emerging technologies, blockchain and SDN. The blockchain technology allows for distributed peer-to-peer networks, where the network can ensure the trusted interaction of untrusted nodes in the network. At the same time, this article adopts the design of an SDN controller distributed cluster to avoid single point of failure and balance the load between equipment and the controller. A cluster head was selected in each SDN cluster, and it was used as a blockchain node to construct an SDN cluster head blockchain. By combining blockchain technology, the security and privacy of the SDN communication network can be enhanced. At the same time, this paper designs a distributed control strategy and network attack detection algorithm based on blockchain consensus and introduces the Jaccard similarity coefficient to detect the network attacks. Finally, this paper evaluates the ClusterBlock model and the existing model based on the OpenFlow protocol through simulation experiments and compares the security performance. The evaluation results show that the ClusterBlock model has more stable bandwidth and stronger security performance in the face of DDoS attacks of the same scale.


The participation of Internet devices in different communications through embedded technologies and the adaptive and interactive nature of each communication affects future development tools and applications. The majority of IoT devices are able to communicate over a wireless network, improving their usability and scalability quickly. But these usability improvements drew the attackers' attention to their personal advantages and created numerous security challenges for detection and protection. Because devices are exposed to the Internet to deliver services, they are particularly vulnerable to various threats to security and privacy. Therefore, a major concern on the Internet of Things (IoT) is the discovery of such abnormal activities that pose a security threat so that appropriate solutions can be provided with a high level of reliability. This paper will be based on a detailed overview of IoT wireless security issues and abnormal activity detection methods. It also provided an overview of the various anomaly detection models and security challenges for launching the IoT connection to the wireless network.


2021 ◽  
Author(s):  
Miao Liu ◽  
Di Yu ◽  
Zhuo-Miao Huo ◽  
Zhen-Xing Sun

The Internet of Things (IoT) is a new paradigm for connecting various heterogeneous networks. Cognitive radio (CR) adopts cooperative spectrum sensing (CSS) to realize the secondary utilization of idle spectrum by unauthorized IoT devices, so that IoT objects can effectively use spectrum resources. However, the abnormal IoT devices in the cognitive Internet of Things will disrupt the CSS process. For this attack, we propose a spectrum sensing strategy based on the weighted combining of the Hidden Markov Model. In this method, the Hidden Markov Model is used to detect the probability of malicious attack of each node and report it to the fusion center (FC). The FC allocates a reasonable weight value according to the evaluation of the submitted observation results to improve the accuracy of the sensing results. Simulation results show that the detection performance of spectrum sensing data forgery (SSDF) attack in cognitive Internet of Things is better than that of K rank criterion in hard combining.


2021 ◽  
Vol 2021 ◽  
pp. 1-14
Author(s):  
Wencheng Yin ◽  
Yunhe Cui ◽  
Qing Qian ◽  
Guowei Shen ◽  
Chun Guo ◽  
...  

Software-defined networking for IoT (SDN-IoT) has become popular owing to its utility in smart applications. However, IoT devices are limited in computing resources, which makes them vulnerable to Low-rate Distributed Denial of Service (LDDoS). It is worth noting that LDDoS attacks are extremely stealthy and can evade the monitoring of traditional detection methods. Therefore, how to choose the optimal features to improve the detection performance of LDDoS attack detection methods is a key problem. In this paper, we propose DIAMOND, a structured coevolution feature optimization method for LDDoS detection in SDN-IoT. DIAMOND consists of a reachable count sorting clustering algorithm, a group structuring method, a comutation strategy, and a cocrossover strategy. By analysing the information of SDN-IoT network features in the solution space, the relationship between different SDN-IoT network features and the optimal solution is explored in DIAMOND. Then, the individuals with associated SDN-IoT network features are divided into different subpopulations, and a structural tree is generated. Further, multiple structural trees evolve in concert with each other. The evaluation results show that DIAMOND can effectively select optimal low-dimension feature sets and improve the performance of the LDDoS detection method, in terms of detection precision and response time.

