Intrusion Detection System for Smart Meters in Power Distribution Network Based on Statistical Anomaly Detection

In this paper, a cluster-based hybrid security framework called HSFA for ad hoc networks is proposed and evaluated. The proposed security framework combines both specification and anomaly detection techniques to efficiently detect and prevent wide range of routing attacks. In the proposed hierarchical architecture, cluster nodes run a host specification-based intrusion detection system to detect specification violations attacks such as fabrication, replay, etc. While the cluster heads run an anomaly-based intrusion detection system to detect wormhole and rushing attacks. The proposed specification-based detection approach relies on a set of specifications automatically generated, while anomaly-detection uses statistical techniques. The proposed security framework provides an adaptive response against attacks to prevent damage to the network. The security framework is evaluated by simulation in presence of malicious nodes that can launch different attacks. Simulation results show that the proposed hybrid security framework performs significantly better than other existing mechanisms.

Download Full-text

User Modelling for Exclusion and Anomaly Detection: A Behavioural Intrusion Detection System

User Modeling, Adaptation, and Personalization - Lecture Notes in Computer Science ◽

10.1007/978-3-642-13470-8_20 ◽

2010 ◽

pp. 207-218 ◽

Cited By ~ 6

Author(s):

Grant Pannell ◽

Helen Ashman

Keyword(s):

Intrusion Detection ◽

Anomaly Detection ◽

Intrusion Detection System ◽

Detection System ◽

User Modelling

Download Full-text

Fusion of Misuse Detection with Anomaly Detection Technique for Novel Hybrid Network Intrusion Detection System

Advances in Intelligent Systems and Computing - Recent Developments in Intelligent Computing, Communication and Devices ◽

10.1007/978-981-10-3779-5_10 ◽

2017 ◽

pp. 73-87 ◽

Cited By ~ 1

Author(s):

Jamal Hussain ◽

Samuel Lalmuanawma

Keyword(s):

Intrusion Detection ◽

Anomaly Detection ◽

Intrusion Detection System ◽

Detection System ◽

Detection Technique ◽

Hybrid Network ◽

Network Intrusion Detection ◽

Misuse Detection ◽

Network Intrusion ◽

Network Intrusion Detection System

Download Full-text

A Model-Based Intrusion Detection System for Smart Meters

2014 IEEE 15th International Symposium on High-Assurance Systems Engineering ◽

10.1109/hase.2014.12 ◽

2014 ◽

Cited By ~ 14

Author(s):

Farid Molazem Tabrizi ◽

Karthik Pattabiraman

Keyword(s):

Intrusion Detection ◽

Intrusion Detection System ◽

Detection System ◽

Smart Meters ◽

Model Based

Download Full-text

Intrusion Detection System (IDS): Anomaly Detection Using Outlier Detection Approach

Procedia Computer Science ◽

10.1016/j.procs.2015.04.191 ◽

2015 ◽

Vol 48 ◽

pp. 338-346 ◽

Cited By ~ 45

Author(s):

J. Jabez ◽

B. Muthukumar

Keyword(s):

Intrusion Detection ◽

Anomaly Detection ◽

Outlier Detection ◽

Intrusion Detection System ◽

Detection System ◽

Detection Approach

Download Full-text

Deep Learning Based Attack Detection in IIoT using Two-Level Intrusion Detection System

10.21203/rs.3.rs-997888/v1 ◽

2021 ◽

Author(s):

Kathiroli Raja ◽

Krithika Karthikeyan ◽

Abilash B ◽

Kapal Dev ◽

Gunasekaran Raja

Keyword(s):

Deep Learning ◽

Intrusion Detection ◽

Intrusion Detection System ◽

Production Management ◽

Detection System ◽

Denial Of Service ◽

Attack Detection ◽

Sensitive Information ◽

Smart Meters ◽

Network Intrusion

Abstract The Industrial Internet of Things (IIoT), also known as Industry 4.0, has brought a revolution in the production and manufacturing sectors as it assists in the automation of production management and reduces the manual effort needed in auditing and managing the pieces of machinery. IoT-enabled industries, in general, use sensors, smart meters, and actuators. Most of the time, the data held by these devices is surpassingly sensitive and private. This information might be modified, 1 stolen, or even the devices may be subjected to a Denial of Service (DoS) attack. As a consequence, the product quality may deteriorate or sensitive information may be leaked. An Intrusion Detection System (IDS), implemented in the network layer of IIoT, can detect attacks, thereby protecting the data and devices. Despite substantial advancements in attack detection in IIoT, existing works fail to detect certain attacks obfuscated from detectors resulting in a low detection performance. To address the aforementioned issue, we propose a Deep Learning-based Two Level Network Intrusion Detection System (DLTL-NIDS) for IIoT environment, emphasizing challenging attacks. The attacks that attain low accuracy or low precision in level-1 detection are marked as challenging attacks. Experimental results show that the proposed model, when tested against TON IoT, figures out the challenging attacks well and achieves an accuracy of 99.97%, precision of 95.62%, recall of 99.5%, and F1-score of 99.65%. The proposed DL-TLNIDS, when compared with state-of-art models, achieves a decrease in false alarm rate to 2.34% (flagging normal traffic as an attack) in IIoT.

Download Full-text

Anomaly Detection in Distributed Denial of Service Attack using Map Reduce Improvised Counter Based Algorithm in Hadoop

International Journal of Recent Technology and Engineering - 2 ◽

10.35940/ijrte.d8431.118419 ◽

2019 ◽

Vol 8 (4) ◽

pp. 4668-4671

Keyword(s):

Intrusion Detection ◽

Anomaly Detection ◽

Network Traffic ◽

Intrusion Detection System ◽

Detection System ◽

Denial Of Service ◽

Map Reduce ◽

Distributed Denial Of Service ◽

Unusual Pattern ◽

Denial Of Service Attack

A Distributed denial of Service attacks(DDoS) is one of the major threats in the cyber network and it attacks the computers flooded with the Users Data Gram packet. These types of attacks causes major problem in the network in the form of crashing the system with large volume of traffic to attack the victim and make the victim idle in which not responding the requests. To detect this DDOS attack traditional intrusion detection system is not suitable to handle huge volume of data. Hadoop is a frame work which handles huge volume of data and is used to process the data to find any malicious activity in the data. In this research paper anomaly detection technique is implemented in Map Reduce Algorithm which detects the unusual pattern of data in the network traffic. To design a proposed model, Map Reduce platform is used to hold the improvised algorithm which detects the (DDoS) attacks by filtering and sorting the network traffic and detects the unusual pattern from the network. Improvised Map reduce algorithm is implemented with Map Reduce functionalities at the stage of verifying the network IPS. This Proposed algorithm focuses on the UDP flooding attack using Anomaly based Intrusion detection system technique which detects kind of pattern and flow of packets in the node is more than the threshold and also identifies the source code causing UDP Flood Attack.

Download Full-text

Monitoring DDOS Pada Openflow Switch Dengan Alienvault Ossim

Jurnal Teknologi Informasi Indonesia (JTII) ◽

10.30869/jtii.v3i2.260 ◽

2019 ◽

Vol 3 (2) ◽

pp. 23

Author(s):

Alimuddin Yasin ◽

Ismail Mohidin

Keyword(s):

Intrusion Detection ◽

Anomaly Detection ◽

Vulnerability Assessment ◽

Intrusion Detection System ◽

Detection System ◽

System Vulnerability

DDoS menjadi satu masalah utama dalam keamanan internet dalam dekade terakhir. Intrusion Detection System adalah sebuah aplikasi perangkat lunak atau perangkat keras yang dapat mendeteksi aktivitas yang mencurigakan dalam sebuah sistem atau jaringan. OSSIM adalah gabungan dari IDS (Intrusion Detection System), vulnerability assessment, anomaly detection, network and availability detection, firewall, dll, yang dikemas dalam bentuk distro linux . Sehingga dalam penelitian ini melakukan uji coba serangan DDoS sekaligus melakukan monitoring DDoS di jaringan SDN dengan Alienvault Ossim.

Download Full-text