New architecture of system intrusion detection and prevention

Author(s):  
Mariusz Nycz ◽  
Mirosław Hajder ◽  
Alicja Gerka

This article presents a new intrusion detection and prevention algorithm implemented on the Raspberry Pi platform. The paper begins with a presentation of research methodology in the field of Intrusion Detection Systems. Adequate supervision and control over network traffic is crucial for the security of information and communication technology. Because of the limited budgets allocated to the IT infrastructure of small businesses and the high price of dedicated solutions, many companies do not use such systems. Therefore, a monitoring solution based on the generally available Raspberry Pi platform is proposed. The paper is addressed to network administrators.

Author(s):  
Paritosh Das ◽  
Rajdeep Niyogi

Collaborative systems research in the last decade has led to developments in several areas, ranging from social computing and e-learning systems to the management of complex computer networks. Intrusion Detection Systems (IDS) available today have a number of problems that limit their configurability, scalability or efficiency. An important shortcoming is that existing architectures are built around a single entity that does most of the data collection and analysis. This work introduces a new architecture for intrusion detection and prevention based on multiple autonomous agents working collectively. We adopt a temporal logic approach to signature-based intrusion detection. We specify intrusion patterns as formulas in a monitorable logic called EAGLE. We also incorporate logics of knowledge into the agents. We implement a prototype tool, called MIDTL, and use this tool to detect a variety of security attacks in large log files provided by DARPA.


2018 ◽  
Vol 9 (3) ◽  
pp. 1-12
Author(s):  
Chia-Mei Chen ◽  
Shi-Hao Wang

This article describes how honeypots and intrusion detection systems serve as major mechanisms for security administrators to collect a variety of sample viruses and malware for further analysis, classification, and system protection. However, the increased variety and complexity of malware make analysis and classification challenging, especially when efficiency and timely response are two contradictory yet equally significant criteria in malware classification. Besides, similarity-based classifications are insufficient because the mutation and fuzzification of malware exacerbate classification difficulties. In order to improve malware classification speed and cope with mutation, this research proposes an ameliorated progressive classification that integrates static analysis and an improved k-means algorithm. The proposed classification aims at giving network administrators a malware classification preprocess and enabling efficient malware classification upon the capture of new malware, thus enhancing the defense against malware.


Author(s):  
Khaleel Ahmad ◽  
Gaurav Kumar ◽  
Abdul Wahid ◽  
Mudasir M. Kirmani

Rapid connectivity and exchange of information across the globe with the extension of computer networks during the past decade has led to security threats in network communication and has become a critical concern for network management. It is necessary to retain high security measures to ensure safe and trusted communication across the network. Diverse soft-computing-based methods have been devised in the past for improving intrusion detection systems on host-based and host-independent systems. This chapter discusses a flow-based anomaly detector for intrusion in networks that uses a self-learning process with the characteristics of the bacterial foraging approach. This approach handles network flows and attacks on network traffic in an automated fashion. It works on host-independent systems and on the network stream rather than on payload length, analyzing the behavior of flows in the network. This model provides a cataloging of attacks and resistance mechanism techniques to avoid intrusion.


2020 ◽  
pp. 1882-1894
Author(s):  
Chia-Mei Chen ◽  
Shi-Hao Wang

This article describes how honeypots and intrusion detection systems serve as major mechanisms for security administrators to collect a variety of sample viruses and malware for further analysis, classification, and system protection. However, the increased variety and complexity of malware make analysis and classification challenging, especially when efficiency and timely response are two contradictory yet equally significant criteria in malware classification. Besides, similarity-based classifications are insufficient because the mutation and fuzzification of malware exacerbate classification difficulties. In order to improve malware classification speed and cope with mutation, this research proposes an ameliorated progressive classification that integrates static analysis and an improved k-means algorithm. The proposed classification aims at giving network administrators a malware classification preprocess and enabling efficient malware classification upon the capture of new malware, thus enhancing the defense against malware.


2019 ◽  
Vol 7 (2) ◽  
pp. 1-8
Author(s):  
Nithya Sampath ◽  
Dinakaran M.

Software defined networking opens up new room for network management. SDNs may replace traditional networks by decoupling the data plane and control plane, which provides security by means of a global view of the network state. This separation provides a basis for developing a secure framework efficiently. The OpenFlow protocol provides programmatic control over network traffic by writing rules, which act as a network attack defence. A robust framework is proposed for intrusion detection systems by integrating feature ranking using information gain to minimize irrelevant features for SDN, writing fuzzy-association flow rules, and applying supervised learning techniques for effective classification of intruders. The experimental results obtained on the KDD dataset show that the proposed model performs with higher accuracy, yields an effective intrusion detection system, and reduces the ratio of attack traffic.


2019 ◽  
Vol 15 (11) ◽  
pp. 155014771988810
Author(s):  
Sheikh Tahir Bakhsh ◽  
Saleh Alghamdi ◽  
Rayan A Alsemmeari ◽  
Syed Raheel Hassan

The revolution in computer network and telecommunication technologies has increased the number of Internet users enormously around the world. Thus, many companies nowadays produce various devices with network chips; each device becomes part of the Internet of Things and can run on the Internet to provide various services to its users. This has led to an increase in security threats and attacks on these devices. Due to the increased number of devices connected to the Internet, attackers have more opportunities to perform their attacks in such an environment. Therefore, security has become a bigger challenge than before. In addition, confidentiality, integrity, and availability are required components to assure the security of the Internet of Things. In this article, an adaptive intrusion detection and prevention system for the Internet of Things (IDPIoT) is proposed to enhance security as the number of devices connected to the Internet grows. The proposed IDPIoT enhances security with both host-based and network-based functionality, building on an examination of existing intrusion detection systems. Once the proposed IDPIoT receives a packet, it examines its behavior and, if the packet is suspicious, blocks or drops it. The main goal is accomplished by implementing one essential part of security, the intrusion detection and prevention system.


Author(s):  
Saumya Saraswat ◽  
Rahul Yadav ◽  
Phalguni Pathak

The idea of making everything available easily and universally has led to a revolution in the field of networking. Despite the tremendous growth of technologies in the field of networks and information technology, we still cannot avoid the theft of or attacks on our resources. This may not apply to small organizations, but it is a serious problem for industry and business or for national security. Organizations face an increasing number of threats every day in the form of viruses, intrusions, etc. Although organizations have adopted many different mechanisms in the form of intrusion detection and prevention systems to protect themselves from this type of attack, many security breaches still go undetected. To understand security hazards and intrusion detection and prevention systems (IDPS), we first analyze common security breaches and then discuss the different opportunities and challenges in this particular field. In this document, we conducted a survey of the overall progress of intrusion detection systems. We analyze the existing types, techniques and architectures of intrusion detection systems in the literature. Finally, the future scope is mentioned.
