Detection of Malicious Servers for Preventing Client-Side Attacks

Author(s):  
Khuda Bux ◽  
Muhammad Yousaf ◽  
Akhtar Hussain Jalbani ◽  
Komal Batool

The number of client-side attacks is increasing day by day. These attacks are launched by using various methods like phishing, drive-by downloads, click fraud, social engineering, scareware, and ransomware. To get more advantage with less exertion and time, the attackers focus on the clients rather than servers, which are more secured as compared to the clients. This makes clients an easy target for the attackers on the Internet. A number of systems/tools have been created by the security community with various functions for detection of client-side attacks. The discovery of malicious servers that launch the client-side attacks can be characterized in two types: first, detecting malicious servers with passive detection, which is often signature based; second, detecting malicious servers with active detection, often with dynamic malware analysis. Current systems or tools have more focus on identifying malicious servers rather than preventing the clients from those malicious servers. In this paper, we have proposed a solution for the detection and prevention of malicious servers that uses the Bro Intrusion Detection System (IDS) and VirusTotal API 2.0. The detected malicious link is then blocked at the gateway.

Author(s):  
Lilia Ervina Jeronimo Guterres ◽  
Ahmad Ashari

Current technology is changing rapidly. With the significant growth of internet technology, cyber threats are making it challenging for IT professionals in companies and organisations to guard their systems, especially when all the hacking tools and instructions are freely available on the Internet for beginners to learn how to hack, such as stealing data and information. Tic Timor IP is one of the organisations involved and engaged in data center operation. It often gets attacks from outside networks. A network traffic monitoring system is fundamental to detect any unknown activities happening within a network. Port scanning is one of the first methods commonly used to attack a network by utilizing several free applications such as Angry IP Scan, Nmap and Low Orbit Ion Cannon (LOIC). On the other hand, the Snort-based Intrusion Detection System (IDS) can be used to detect such attacks that occur within the network perimeter, including on the web server. Based on the research result, Snort has the ability to detect various types of attack, including port scanning attacks, and multiple Snort rules can be accurately set to protect the network from any unknown threats.


Sensors ◽  
2019 ◽  
Vol 19 (9) ◽  
pp. 1977 ◽  
Author(s):  
Geethapriya Thamilarasu ◽  
Shiven Chawla

Cyber-attacks on the Internet of Things (IoT) are growing at an alarming rate as devices, applications, and communication networks are becoming increasingly connected and integrated. When attacks on IoT networks go undetected for longer periods, it affects availability of critical systems for end users, increases the number of data breaches and identity theft, drives up the costs and impacts the revenue. It is imperative to detect attacks on IoT systems in near real time to provide effective security and defense. In this paper, we develop an intelligent intrusion-detection system tailored to the IoT environment. Specifically, we use a deep-learning algorithm to detect malicious traffic in IoT networks. The detection solution provides security as a service and facilitates interoperability between various network communication protocols used in IoT. We evaluate our proposed detection framework using both real-network traces for providing a proof of concept, and using simulation for providing evidence of its scalability. Our experimental results confirm that the proposed intrusion-detection system can detect real-world intrusions effectively.


Electronics ◽  
2021 ◽  
Vol 10 (21) ◽  
pp. 2562
Author(s):  
Georgios Zachos ◽  
Ismael Essop ◽  
Georgios Mantas ◽  
Kyriakos Porfyrakis ◽  
José C. Ribeiro ◽  
...  

Over the past few years, the healthcare sector has been transformed due to the rise of the Internet of Things (IoT) and the introduction of the Internet of Medical Things (IoMT) technology, whose purpose is the improvement of the patient’s quality of life. Nevertheless, the heterogeneous and resource-constrained characteristics of IoMT networks make them vulnerable to a wide range of threats. Thus, novel security mechanisms, such as accurate and efficient anomaly-based intrusion detection systems (AIDSs), considering the inherent limitations of the IoMT networks, need to be developed before IoMT networks reach their full potential in the market. Towards this direction, in this paper, we propose an efficient and effective anomaly-based intrusion detection system (AIDS) for IoMT networks. The proposed AIDS aims to leverage host-based and network-based techniques to reliably collect log files from the IoMT devices and the gateway, as well as traffic from the IoMT edge network, while taking into consideration the computational cost. The proposed AIDS is to rely on machine learning (ML) techniques, considering the computation overhead, in order to detect abnormalities in the collected data and thus identify malicious incidents in the IoMT network. A set of six popular ML algorithms was tested and evaluated for anomaly detection in the proposed AIDS, and the evaluation results showed which of them are the most suitable.


It has become crucial for organizations, the military and personal computer users to secure their networks. Day by day, security has become a major issue with the increase of internet usage. The improvement in security technology can be better understood from security history. Network security is an immense field and it is in a development stage. An immense amount of data is being generated every second due to technological advancement and reforms. Social networking and cloud computing are generating a huge amount of data every second. Every minute, data is being captured in the computing world, from the click of the mouse to the videos people tend to watch, generating an immediate recommendation. Everything a user does on the internet is being captured in different ways for multiple intents. It all ends up in monitoring the system and network, and securing lines and servers. This mechanism is called an Intrusion Detection System (IDS). Hackers use a number of ways to attack the system, which can be detected through a number of algorithms and techniques. A comprehensive survey of some major techniques of machine learning implemented for detecting intrusions is presented. The classification techniques are SVM, the Random Forest algorithm, Extreme Learning Machine, and Decision Tree. NSL-KDD is the dataset used to get the higher rate of detection. The result analysis shows that, in terms of accuracy, this paper accomplishes better results when compared to any other related methods.


In every part of the world, there is tremendous growth in digital literacy in the present era. People are trying to access internet-based applications with the use of digital machines. As a result, the internet has become a primary requirement for everyone, and most business transactions often take place conveniently across the network. On the other hand, intruders are involved in making intrusions and doing activities such as capturing passwords, compromising the route, collecting details of credit cards, etc. Many malicious activities are taking place over the network due to this intruding activity on the internet. Applications such as host-based Intrusion Detection Systems (IDS) and network-based IDS have previously been used to control network intruders. Mostly, when intruders come with encrypted packets and spoofed network IDs, these techniques were not able to control them promisingly. It is essential to examine these types of attacks periodically to identify patterns of recent attacks. In this paper, the authors have proposed a model based on deep learning by using the NSL-KDD dataset to solve these problems. Principal component analysis is applied for feature selection, and the model is later trained on the data with a random forest classifier algorithm. The model is designed to detect patterns of intruders effectively using the knowledge gained from training data. To detect malicious patterns over the network, the model shows a sufficient accuracy of around 90 percent.


2020 ◽  
Author(s):  
Abhishek Verma ◽  
Virender Ranga

The Internet of Things is realized by a large number of heterogeneous smart devices which sense, collect and share data with each other over the internet in order to control the physical world. Due to the open nature, global connectivity and resource-constrained nature of smart devices and wireless networks, the Internet of Things is susceptible to various routing attacks. In this paper, we propose an architecture of an Ensemble Learning based Network Intrusion Detection System named ELNIDS for detecting routing attacks against the IPv6 Routing Protocol for Low-Power and Lossy Networks. We implement four different ensemble-based machine learning classifiers: Boosted Trees, Bagged Trees, Subspace Discriminant and RUSBoosted Trees. To evaluate the proposed intrusion detection model, we have used the RPL-NIDDS17 dataset, which contains packet traces of Sinkhole, Blackhole, Sybil, Clone ID, Selective Forwarding, Hello Flooding and Local Repair attacks. Simulation results show the effectiveness of the proposed architecture. We observe that the ensemble of Boosted Trees achieves the highest Accuracy of 94.5% while the Subspace Discriminant method achieves the lowest Accuracy of 77.8% among classifier validation methods. Similarly, an ensemble of RUSBoosted Trees achieves the highest Area under ROC value of 0.98 while the lowest Area under ROC value of 0.87 is achieved by an ensemble of Subspace Discriminant among all classifier validation methods. All the implemented classifiers show acceptable performance results.

