A Rule Mining-based Advanced Persistent Threats Detection System

Author(s):  
Sidahmed Benabderrahmane ◽  
Ghita Berrada ◽  
James Cheney ◽  
Petko Valtchev

Advanced persistent threats (APT) are stealthy cyber-attacks that are aimed at stealing valuable information from target organizations and tend to extend over time. Blocking all APTs is impossible, security experts caution, hence the importance of research on early detection and damage limitation. Whole-system provenance-tracking and provenance trace mining are considered promising as they can help find causal relationships between activities and flag suspicious event sequences as they occur. We introduce an unsupervised method that exploits OS-independent features reflecting process activity to detect realistic APT-like attacks from provenance traces. Anomalous processes are ranked using both frequent and rare event associations learned from traces. Results are then presented as implications which, being interpretable, help leverage causality in explaining the detected anomalies. When evaluated on Transparent Computing program datasets (DARPA), our method outperformed competing approaches.

Sensors ◽  
2021 ◽  
Vol 21 (9) ◽  
pp. 3052
Author(s):  
Mas Ira Syafila Mohd Hilmi Tan ◽  
Mohd Faizal Jamlos ◽  
Ahmad Fairuz Omar ◽  
Fatimah Dzaharudin ◽  
Suramate Chalermwisutkul ◽  
...  

Ganoderma boninense (G. boninense) infection reduces the productivity of oil palms and poses a serious threat to the palm oil industry. This catastrophic disease ultimately destroys the basal tissues of the oil palm, causing the eventual death of the palm. Early detection of G. boninense is vital since there is no effective treatment to stop the continuing spread of the disease. This review describes past and future prospects of integrated research on near-infrared spectroscopy (NIRS), machine learning classification for predictive analytics and signal processing towards an early G. boninense detection system. This effort could reduce the cost of plantation management and avoid production losses. Remarkably, (i) spectroscopy techniques are more reliable than other detection techniques such as serological, molecular, biomarker-based sensor and imaging techniques in reactions with organic tissues, (ii) the NIR spectrum is more precise and sensitive to particular diseases, including G. boninense, compared to visible light and (iii) hand-held NIRS for in situ measurement is used to explore the efficacy of an early detection system in real time using ML classifier algorithms and a predictive analytics model. Being non-destructive, environmentally friendly (no chemicals involved), mobile and sensitive makes NIRS with ML and predictive analytics a significant platform towards early detection of G. boninense in the future.


2021 ◽  
Vol 21 (3) ◽  
pp. 1-22
Author(s):  
Celestine Iwendi ◽  
Saif Ur Rehman ◽  
Abdul Rehman Javed ◽  
Suleman Khan ◽  
Gautam Srivastava

In this digital age, human dependency on technology in various fields has been increasing tremendously. Torrential amounts of different electronic products are being manufactured daily for everyday use. With this advancement in the world of Internet technology, cybersecurity of software and hardware systems is now a prerequisite for major businesses' operations. Every technology on the market has multiple vulnerabilities that are exploited by hackers and cyber-criminals daily to manipulate data, sometimes for malicious purposes. In any system, the Intrusion Detection System (IDS) is a fundamental component for ensuring the security of devices from digital attacks. Recognition of newly developing digital threats is getting harder for existing IDS. Furthermore, advanced frameworks are required for IDS to function both efficiently and effectively. The commonly observed cyber-attacks in the business domain include minor attacks used for stealing private data. This article presents a deep learning methodology for detecting cyber-attacks on the Internet of Things using a Long Short-Term Memory network classifier. Our extensive experimental testing shows an Accuracy of 99.09%, an F1-score of 99.46%, and a Recall of 99.51%, respectively. A detailed metric representing our results in tabular form was used to compare how our model was better than other state-of-the-art models in detecting cyber-attacks with proficiency.


Author(s):  
M. KUZHALISAI ◽  
G. GAYATHRI

Cloud computing is a new type of service which provides large-scale computing resources to each customer. Cloud computing systems can be easily threatened by various cyber attacks, so most cloud computing systems need to contain Intrusion Detection Systems (IDS) for protecting each Virtual Machine (VM) against threats. In this case, there exists a trade-off between the security level of the IDS and the system performance. If the IDS provides a stronger security service using more rules or patterns, then it needs much more computing resources in proportion to the strength of security, so the amount of resources allocated to customers decreases. Another problem in cloud computing is that the huge amount of logs makes it hard for system administrators to analyse them. In this paper, we propose a method that enables a cloud computing system to achieve both effective use of the system resources and strength of the security service without a trade-off between them.


2020 ◽  
Vol 26 (4) ◽  
pp. 496-507
Author(s):  
Kheir Daouadi ◽  
Rim Rebaï ◽  
Ikram Amous

Nowadays, bot detection on Twitter attracts the attention of several researchers around the world. Different bot detection approaches have been proposed as a result of these research efforts. Four of the main challenges faced in this context are the diversity of types of content propagated throughout Twitter, the problems inherent to the text, the lack of sufficient labeled datasets and the fact that the current bot detection approaches are not sufficient to detect bot activities accurately. We propose Twitterbot+, a bot detection system that leverages a minimal number of language-independent features extracted from one single tweet with temporal enrichment of previously labeled datasets. We conducted experiments on three benchmark datasets with standard evaluation scenarios, and the achieved results demonstrate the efficiency of Twitterbot+ against the state-of-the-art. This yielded promising accuracy results (>95%). Our proposition is suitable for accurate and real-time use in a Twitter data collection step as an initial filtering technique to improve the quality of research data.


2021 ◽  
Author(s):  
Navroop Kaur ◽  
Meenakshi Bansal ◽  
Sukhwinder Singh S

In modern times the firewall and antivirus packages are not good enough to protect the organization from numerous cyber attacks. A computer IDS (Intrusion Detection System) is a crucial aspect that contributes to the success of an organization. An IDS is a software application responsible for scanning organization networks for suspicious activities and policy violations. IDS ensures the secure and reliable functioning of the network within an organization. IDS has undergone huge transformations since its origin to cope with advancing computer crimes. The primary motive of IDS has been to augment the competence of detecting attacks without endangering the performance of the network. The research paper elaborates on the different types of IDS and the different functions they perform. The NSL-KDD dataset has been considered for training and testing. The seven prominent classifiers LR (Logistic Regression), NB (Naïve Bayes), DT (Decision Tree), AB (AdaBoost), RF (Random Forest), kNN (k Nearest Neighbor), and SVM (Support Vector Machine) have been studied along with their pros and cons, and feature selection has been applied to enhance the readings of the performance evaluation parameters (Accuracy, Precision, Recall, and F1-score). The paper elaborates a detailed flowchart and algorithm depicting the procedure to perform feature selection using XGB (Extreme Gradient Boosting) for four categories of attacks: DoS (Denial of Service), Probe, R2L (Remote to Local Attack), and U2R (User to Root Attack). The selected features have been ranked as per their occurrence. The implementation has been conducted at five different train-test ratios of 60-40%, 70-30%, 90-10%, 50-50%, and 80-20%. Different classifiers scored best for different performance evaluation parameters at different ratios. NB scored the best Accuracy and Recall values. DT and RF consistently performed with high accuracy. NB, SVM, and kNN achieved a good F1-score.